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NOT  ADVANCING 

Heavy  IT  workloads  and  a  lack  of  management 
support  hold  up  advanced  storage  projects,  page  a 


INCREASED  MOBILITY 

Michael  Gartenberg  thinks  Microsoft  is  poised  to 
become  a  major  force  in  mobile  computing,  page  is 


Chances  are  it’s  just  a  matter 
of  time  before  your  company 
suffers  a  security  breach. 

Do  you  know  how  you’ll 
respond?  You’d  better! 

Page  39 
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IT  Consolidates  Bl  Tools  As  Use  Expands 


Companies  look  to 
streamline  support, 
improve  ease  of  use 

BY  HEATHER  HAVENSTEIN 

SCOTTSDALE,  ARIZ. 

As  companies  look  to  extend 
business  intelligence  capabili¬ 
ties  to  growing  numbers  of 
end  users,  IT  operations  are 
consolidating  multiple  BI  tool 


sets  and  forging  closer  ties 
with  business  units. 

Attendees  at  last  week’s 
Computerworld  Business  In¬ 
telligence  Perspectives  con¬ 
ference  here  said  tool  consoli¬ 
dation  should  make  BI  tools 
easier  to  use  and  reduce  IT 
support  requirements. 

For  example,  Carlson  Hos¬ 
pitality  Worldwide  is  replac¬ 
ing  six  reporting  and  analysis 


tools  and  standardizing  on 
Information  Builders  Inc.’s 
WebFocus  software.  An  offi¬ 
cial  at  the  hotel  operator  in 
Minnetonka,  Minn.,  declined 
to  identify  the  six  products 
that  are  being  replaced. 

Carlson  will  use  WebFocus 
for  reporting  and  to  deliver 
business  scorecard  applica¬ 
tions,  which  monitor  adher¬ 
ence  to  corporate  goals,  to 
each  of  its  870  hotels. 

BI  Tools,  page  14 
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INSIDE:  Conference  panelists  say 
end  users  need  to  be  involved  in  front¬ 
line  BI  efforts.  PAGE  14 


ONLINE:  Read  full  coverage  of  BI 
technologies.  ©  QuickLink  a4630 


Sarb-Ox  Missteps 
Help  IT  Execs 
Fine-tune  Plans 

Among  lessons  from  first  year  of  compliance: 
Assign  dedicated  staffers,  test  controls  centrally 


BY  THOMAS  HOFFMAN 

BALTIMORE 

Executives  who  over¬ 
saw  the  first  round  of 
Sarbanes-Oxley  Act 
compliance  for  their 
companies  said  last 
week  that  in  hindsight, 
they  likely  would  have  done 
things  a  bit  differently. 

The  changes  they  would 
make  include  better  educating 
workers  about  the  steps  that 
need  to  be  taken,  assigning 
dedicated  staffers  to  assess 
and  monitor  critical  controls, 
and  automating  a  greater  por¬ 
tion  of  repairs  to  deficient  IT 


controls,  said  attendees 
at  the  Sarbanes-Oxley 
Conference  &  Exhibi¬ 
tion  here. 

Neil  Frieser,  vice 
president  of  internal 
controls  at  Viacom  Inc. 
in  New  York,  said  his 
early  experiences  taught  him 
that  “you  want  to  start  the 
process  early,  to  educate  as 
many  people  as  possible.” 

Frieser  said  Viacom  con¬ 
ducted  a  staggering  19,600 
tests  on  1,560  business  con¬ 
trols  and  540  IT  controls  last 
year  to  meet  Section  404  of 

Sarb-Ox,  page  50 


Palm’s  Embrace  of  Windows  for 
Treo  Clouds  Future  of  Palm  OS 


IT  managers  want  to 
avoid  mixed  rollouts 
of  mobile  devices 


BY  MATT  HAMBLEN 

When  Palm  Inc.  announced 
last  week  a  Treo  smart  phone 
that  will  run  Windows  Mo¬ 
bile,  it  provoked  a  debate 
among  IT  managers  over 
whether  Microsoft  Corp.’s 
operating  system  or  Palm  OS 
is  the  better  choice  for  users. 

But  10  IT  managers  inter¬ 
viewed  after  the  announce¬ 
ment  agreed  on  one  thing: 


They  would  prefer  to  deploy 
a  single  mobile  operating  sys¬ 
tem  to  help  simplify  support. 

“Fundamentally,  I’m  not  a 
Microsoft  hater,  and  I  might 
want  Windows  Mobile  in 
five  years,”  said  Bruce  Hagen, 
vice  president  of  corporate 
information  systems  at  Bemis 
Manufacturing  Co.  in  She¬ 
boygan  Falls,  Wis.  “[But]  we 
want  to  have  one  OS  to  sup¬ 
port.  There  are  too  many 
support  issues  with  one,  let 
alone  [two].” 

About  50  end  users  at  Be- 

Palm  OS,  page  50 


Sara  knew  her  company  needed  something  more  than  a  mere  copier. 
So  they  chose  the  new  Canon  imageRUNNER  6570  that  does  it  all. 
That’s  why  Sara’s  company  needs  Sara. 


imageRUNNER  5570 


Sara’s  company  isn’t  doing  business  as  usual.  What  about  your  company?  Some  say  altyou  need  is  a  mere  copier;  we  disagree.  With  the 
revolutionary  new  Canon  imageRUNNER®70  Series,  you’ll  receive  state-of-the-art  technology  with  reliable  high-speed  scanning,  copying,  printing, 
fax  capabilities,  even  Internet  access.  All  of  our  products  have  proven  new  engines,  not  to  mention  robust  software  offerings  such  as  Express  Copy, 
Universal  Send™  and  eCopy  ShareScan  OP,™  which  provide  users  with  the  ability  to  scan  and  share  documents  with  any  destination.  Thanks  to 
Canon’s  MEAP®  technology,  their  functions  can  be  tailored  foryour  specific  business  needs.  And  with  their  advanced  security  features,  your  documents  and 
user  information  are  protected,  giving  you  some  well-deserved  peace  of  mind.  Now  you  can  truly  expand  the  potential 
of  your  workday.  And  that’s  not  business  as  usual.  1-8QO-OK-CANON  www.imagerunner.com 


Canon 


Canon.  IMAGERUNNER  and  MEAP  are  registered  trademarks  ol  Canon  Inc  ,  in  the  United  States  and  may  also  be  registered  trademarks  in  other  countries,  IMAGEANYWARE  Is  a  trademark  of  Canon  U.S.A.,  Inc.  Universal  Send  is  a  trademark  of 
Canon  Inc  m  the  United  States  and  may  also  be  a  trademark  in  other  countries.  eCopy  ShareScan  Is  a  trademark  of  eCopy,  Inc.  ©2005  Canon  USA  ,  Inc.  All  rights  reserved.  Products  shown  with  optional  accessories.  Certain  software  sold  separately. 
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The  entire  department  heard  Boh  exclaim,  “Cool!"  as  he  used 
the  Web  browser  on  the  new  imageRUNNER  6570  to  access 
and  print  his  company's  4th  quarter  sales  results. 


imageRUNNER  5570 


Bob’s  company  isn’t  doing  business  as  usual.  What  about  your  company?  White  “cool”  definitely  applies  to  the  new  Canon  imageRUNNER®70  Series, 
“groundbreaking”  is  more  apt.  Both  the  imageRUNNER  6570  and  imageRUNNER  5570  have  the  industry’s  first  embedded  Web  access  function  -  in 
other  words,  a  full-size  user  interface  panel  that  actually  lets  you  call  up  Internet  or  intranet  data  without  the  use  of  a  PC,  right  from  the  device. 
Once  you’ve  done  that,  you  can  print  the  forms  and  documents  you  need  to  work  more  efficiently  and  productively.  Of  course,  there  are  a  host  of 
other  great  features  that  help  expand  the  potential  of  your  workday.  And  that’s  definitely  not  business  as  usual. 

1-8QO-OK-CANON  www.imagerunner.com 


Canon  and  IMAGERUNNER  are  registered  trademarks  ot  Canon  Inc.,  in  the  United  States  and  may  also  be  registered  trademarks  In  other  countries.  IMAGEANYWARE  Is  a  trademark  of  Canon  U.S.A.,  Inc.  ©2005  Canon  U.S.A  ,  Inc.  All  rights  reserved.  Products  shown  with  optional  accessories. 
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As  Patti  observed  the  new  Canon  Color-enabled  imageRUNNER, 
her  new  mantra  became,  “ black-and-white  and  occasional 
color  printing  is  now  affordable.” 


Patti’s  company  isn’t  doing  business  as  usual.  What  about  your  company?  Yes,  thanks  to  the  Canon  Color-enabled  imageRUNNER5 
C3170  Series,  you  can  actually  add  a  few  pages  of  color  to  your  usual  black-and-white  printing  when  you  need  it  more  affordably  than  before. 
The  result  is  eye-catching  documents  and  more  effective  presentations.  This  state-of-the-art  imageRUNNER  also  works  with  our  latest  robust  software 
offerings,  including  Express  Copy,  Color  Universal  Send™  and  eCopy  ShareScan  OP,™  allowing  users  to  scan  and  share  documents  with  any 
destination.  All  of  this  while  giving  you  the  dependability  you  expect  from  the  Canon  imageRUNNER  line  with  the 
latest  technology  available.  It’s  yet  another  example  of  expanding  the  potential  of  your  workday.  And  no  longer 

doing  business  as  usual.  1-800-OK-CANON  www.imagerunner.com  ■  ■ 
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The  new  Canon  image  RUNNER  solutions  and  support  addressed 
Don’s  concerns  about  seamless  network  integration,  secured  printing 
and  managing  network  devices.  Hence,  Don’s  no  longer  concerned. 


Don’s  company  isn’t  doing  business  as  usual.  What  about  your  company?  We’re  well  aware  of  your  daily  challenges  as  the  gatekeeper 
°f  your  company’s  network.  And  we  totally  understand.  That’s  why  Canon’s  imageRUNNER®  solutions  are  raising  the  bar  for  how  well  network  devices 
work  and  how  seamlessly  they’re  integrated.  You’ll  appreciate  enhanced  security  features  that  include  a  secured  print  function  for  document 
confidentiality,  user  authentication,  NetSpot®and  Remote  UT“  for  easily  managing  network  devices.  In  addition,  you  get  entirely  new  systems 
across  our  full  line  of  imageRUNNER  solutions,  which  offer  intuitive  technology  that  works  with  you,  not  against  you. 

You  can  also  expect  your  current  investment  to  be  leveraged,  your  concerns  to  be  addressed  and  the  potential  of  ^ 

your  workday  to  be  expanded.  Which  means  no  more  business  as  usual.  1-800-OK-CANON  www.imagerunner.com  ■  B 1 1 
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People  told  Columbus 
the  world  was  flat. 

He  didn't  insist  it  was  round. 

He  got  in  a  boat.  People  will  tell 
you  there  is  only  one  choice  for 
your  enterprise  network  solutions. 
We’re  not  telling  you  to  insist 
they’re  wrong.  Simply  give 
our  intelligent  network  solutions 
a  look.  Decide  for  yourself. 


3com.com/AdvanceTheNetwork 
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Copyright  ©  2005  3Com  Corporation  All  rights  reserved.  3Com  and  the  3Com  logo  are  registered  trademarks  of  3Com  Corporation. 
Ail  other  company  and  product  names  may  be  trademarks  of  their  respective  companies 
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Data  Center  Gets  Star  Treatment 

In  the  Technology  section:  Moving  to  new  digs, 
Lucasfilm  seized  a  once-in-a-lifetime  opportunity 
to  rebuild  its  data  center  and  networks  from  the 
bottom  up,  says  CTO  Cliff  Plumer  (right). 

Page  23 
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Connected  or  Addicted? 

In  the  Management  section:  Paul  Glen  sees 
a  pathological  need  for  connectedness  in 
managers  who  can’t  stand  to  miss  a  call 
on  their  cell  phones  or  an  e-mail  on  their 
BlackBerries.  Page  46 
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4  Storage  projects  are  stifled 
by  a  lack  of  time  and  manage¬ 
ment  support. 

4  Q&A:  Michael  Feinberg,  CTO 

of  HP’s  Storage  Works  unit,  re¬ 
assures  users  that  storage  is 
“top  of  mind”  for  the  vendor. 

5  HP  e3000  users  continue 
their  fight  to  gain  ownership 
of  MPE  source  code,  but  fund¬ 
ing  issues  are  hindering  them. 

8  SAP,  Oracle  plug  their  latest 
middleware  while  taking 
shots  at  each  other’s  offerings. 

8  Fallout  from  data  breaches 

can  be  minimized  with  effec¬ 
tive  communication,  a  new 
survey  says. 

10  Microsoft,  Symantec  ship 
continuous  data  protection 
products  that  can  back  up  in¬ 
cremental  copies  of  files  to  lo¬ 
cal  servers  and  restore  them 
in  seconds. 

10  An  internal  Novell  server  is 
hacked  into  and  used  to  scan 
for  vulnerable  ports  on  sys¬ 
tems  worldwide. 

12  Global  Dispatches:  Microsoft 
will  double  the  workforce  at 
its  Indian  units. 

12  Supporters  of  a  higher  H-1B 
cap  push  Congress  to  loosen 
immigration  restrictions. 

14  Use  of  business  intelligence 

tools  spreads  to  the  front 
lines. 

16  PanGo  updates  its  asset¬ 
tracking  software. 


31  Geek’s  Garden.  A  new  comput¬ 
er  algorithm  can  speed  up 
genome  sequencing:  MIT  cre¬ 
ates  maps  in  an  Austrian  city 
using  cell  phone  data;  and  we 
profile  Konrad  Zuse,  who  cre¬ 
ated  the  first  programmable 
computer  commercially  sold. 

34  QuickStudy:  Podcasting.  This 
method  for  publishing  audio 
broadcasts  via  the  Internet  al¬ 
lows  users  to  subscribe  to  an 
automatic  feed  of  files  that  can 
be  downloaded  to  portable 
music  players  or  PCs. 

35  Security  Manager’s  Journal: 
Playing  Nice  With  Physical 
Security.  You  must  tread  with 
care  when  it’s  necessary  to 
cross  the  line  between  the  de¬ 
partments  handling  physical 
and  information  security,  says 
Mathias  Thurman. 

MANHEMEMT 

39  Data  Scandal.  It  may  not  be  a 

case  of  whether  but  when 
your  company  will  experience 
a  data  security  breach.  Do  you 
know  how  you’re  going  to  re¬ 
spond?  You’d  better. 

42  “What  We  Have  Here  Is  an 
IT  Problem  .  .  .”  Is  there  any 
way  to  end  the  finger-pointing 
between  IT  and  business?  IT 
professionals  Jennifer  and 
Doug  Pfaff  look  at  why  it’s 
often  so  hard  to  get  along. 

44  Interns  201.  Now’s  the  time 
to  upgrade  your  student  in¬ 
tern  program  so  it  delivers 
more  value  for  both  sides  the 
next  time  around. 


6  On  the  Mark:  Mark  Hall  talks 
to  the  executive  director  of 
the  newly  formed  Technology 
Professional  Services  Associ¬ 
ation,  who  cautions  against 
vendors  that  are  more  inter¬ 
ested  in  selling  you  widgets 
than  in  helping  you  solve  your 
overall  IT  issues. 

18  Don  Tennant  views  the  IT  in¬ 
dustry  as  unique,  but  he  still 
thinks  there  are  parallels  with 
other  industries  that  can  yield 
valuable  insights  into  the  mat¬ 
uration  of  high  tech. 

18  Michael  Gartenberg  got  a 

peek  at  the  new  Windows  Mo¬ 
bile  5.0  and  sees  three  trends 
that  should  make  Microsoft  a 
major  player  in  mobility. 

36  Mark  Willoughby  thinks  re¬ 
mote  attestation  deprives  hu¬ 
mans  of  the  right  to  choose  if, 
and  how,  they  want  to  obey 
the  law. 

52  Frankly  Speaking:  Frank 

Hayes  takes  a  look  at  a  new 
IBM  consulting  offering 
that  aims  to  help  companies 
decide  what  skills  to  replace 
as  baby  boomer  IT  profes¬ 
sionals  prepare  to  retire. 

But  he  thinks  you  can  capture 
their  critical  knowledge  on 
your  own  with  in-depth 
debriefings. 
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From  Adversity  to  Advantage 

DEVELOPMENT:  See  how  six  project  manage¬ 
ment  steps  can  help  your  IT  department 
manage  risks  and  boost  the  company’s 
business  performance.  ©  QuickLink  57178 

Securing  Your  Macs 

MACINTOSH:  Securing  a  workstation  means 
protecting  user  files  and  folders,  application 
folders  and  operating  system  components, 
says  columnist  Ryan  Faas.  The  goal  is  not 
only  to  safeguard  user  data  but  also  to  ensure 
that  any  information  about  your  network  at 
large  is  safe.  ©  QuickLink  57140 

In  a  Pinch,  Networked-Attached 
Storage  Gateway  Fits  the  Bill 

STORAGE:  Finding  itself  between  SANs,  one 
company  filled  the  gap  with  an  ONStor  sys¬ 
tem  and  positioned  itself  for  tiered  storage. 

©  QuickLink  a7140 


A  Fresh  Approach  to  IP  Protection 

IT  MANAGEMENT:  Attorney  John  Gliedman 
discusses  a  case  in  which  a  licensor  placed  a 
dollar  value  on  a  future  breach  of  its  intellec¬ 
tual  property  rights.  ©  QuickLink  56950 

Mobile  Trends 

WEBCAST :  Get  up  to  speed  on  the  latest 
trends  in  mobile  and  wireless  technology 
and  learn  how  they’re  transforming  the  way 
five  vertical  industries  do  business.  This 
webcast  includes  a  quick  primer  on  Wi-Fi, 
WiMax,  RFID  and  3G.  ©  QuickLink  a583Q 


What's  a  QuickLink? 


O  Throughout  each  issue  of 
Computerworlcl,  you'll 
see  five-digit  QuickLink  codes 
pointing  to  related  content  on 
our  Web  site.  Also,  at  the  end  of 
each  story,  a  QuickLink  to  that 
story  online  facilitates  sharing  it 
with  colleagues.  Just  enter  any 
of  those  codes  into  the  Quick¬ 
Link  box,  which  is  at  the  top  of 
every  page  on  our  site. 
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GAO:  FAA  Lacks  IT 
Security  Controls 

The  Federal  Aviation  Administra¬ 
tion  lacks  IT  network  security  con¬ 
trols  and  in  some  cases  hasn’t  in¬ 
stalled  software  patches  that  are 
several  years  old,  according  to  a 
Government  Accountability  Office 
report.  These  and  other  FAA  IT 
problems  could  “lead  to  disruption 
in  aviation  operations,”  the  report 
said.  The  FAA  downplayed  the 
findings  but  said  it  will  consider 
the  GAO’s  recommendations. 


BEA  Buys  Eclipse 
Tool  Maker  M7 

BEA  Systems  Inc.  has  acquired 
M7  Corp.,  a  maker  of  develop¬ 
ment  tools  based  on  the  Eclipse 
open-source  framework,  for  an 
undisclosed  sum.  BEA  said  it  can 
now  deliver  a  “blended”  product 
line  that  combines  open-source 
and  proprietary  technologies.  BEA 
joined  the  Eclipse  Foundation  in 
March  after  long  ignoring  the  de¬ 
velopment  standard. 


GE  Healthcare  To 
Pay  $1.2B  for  IDX 

U.K.-based  GE  Healthcare,  a  unit 
of  General  Electric  Co.,  has 
agreed  to  buy  health  care  IT 
provider  IDX  Systems  Corp.  for 
about  $1.2  billion  in  cash.  The 
combined  company  will  offer 
suites  of  clinical,  imaging  and  ad¬ 
ministrative  information  systems, 
GE  said.  The  transaction  is  ex¬ 
pected  to  close  early  next  year. 


U6A  Employee 
Data  Compromised 

About  1,600  current  and  former 
employees  of  the  University  of 
Georgia  are  being  notified  that 
their  Social  Security  numbers, 
stored  on  a  campus  server,  may 
have  been  seen  by  a  hacker  oper¬ 
ating  from  a  foreign  country.  The 
Athens-based  school  said  the 
breach  was  discovered  Sept.  19 
and  that  the  intrusion  was 
stopped.  No  credit  card  informa¬ 
tion  was  accessed,  officials  said. 


Lack  of  Support,  Time 
Slow  Storage  Projects 

IT  managers  say  hurdles  are  too  high 


BY  LUCAS  MEARIAN 

NEW  YORK 

Information  technology 
managers  want  the  bene¬ 
fits  of  new  storage  tech¬ 
nologies,  but  several  in¬ 
terviewed  at  the  Storage  Deci¬ 
sions  conference  here  last 
week  said  a  lack  of  time  and 
management  support  for 
such  projects  are  stifling 
those  aspirations. 

Some  users  said  they 
haven’t  even  had  the  time  or 
support  needed  to  create  a 
cost-benefit  model  for  storage 
resource  management  and 
tiered  storage  management 
projects. 

“My  problem  is  we’re  too 
busy.  Every  year,  we  put  stor¬ 
age  resource  management  on 
the  budget,  and  every  year,  it 
just  falls  off,”  said  Edwin  Als- 
berg,  director  of  IT  operations 
at  The  Depository  Trust  & 
Clearing  Corp.  in  New  York. 

John  Strano,  manager  of  ca¬ 
pacity  and  performance  man¬ 
agement  at  Pfizer  Inc.  in  New 
York,  said  IT  managers  in  gen¬ 
eral  don’t  have  time  to  deploy 
sophisticated  data  manage¬ 
ment  tools,  “let  alone  get  the 
value  out  of  them.” 

Strano  said  he  has  devel¬ 
oped  a  plan  for  a  tiered  stor¬ 
age  infrastructure  with  six  lev¬ 
els  ranging  from  high-end  pri¬ 
mary  to  secondary  storage  to 
network-attached  storage.  But 
Strano  said  that  so  far,  he  has 
deployed  only  three  levels  be¬ 
cause  he’s  so  busy. 

No  Time  to  Model 

An  impromptu  electronic  sur¬ 
vey  of  about  500  users  at  the 
conference  by  sponsor  Tech- 
Target  found  that  66%  don’t 
have  time  to  put  together  a 
basic  cost  model  or  a  data 
value  model  for  an  informa¬ 
tion  life-cycle  management 
project.  Twenty-eight  percent 
said  they  can’t  build  out  a 
tiered  storage  cost  model,  and 
only  8%  have  completed  work 


on  an  ILM  strategy.  In  another 
conference  survey,  69%  of  the 
respondents  said  they  receive 
some  executive  support  but  no 
ongoing  support  for  projects, 
22%  said  they  receive  no  man¬ 
agement  support,  and  9%  said 
they  get  all  the  management 
support  they  need. 

Richard  Scanned,  vice  presi¬ 
dent  of  corporate  develop¬ 
ment  at  GlassHouse  Technolo¬ 
gies  Inc.,  a  consulting  firm  in 
Framingham,  Mass.,  said  IT 
officials  may  have  more  suc¬ 
cess  in  gaining  management 
backing  for  projects  when  pro¬ 
posals  detail  probable  effects 
on  the  business. 


Craig  Taylor,  associate  di¬ 
rector  of  open  systems  at 
Chicago  Mercantile  Exchange 
Holdings  Inc.,  said  he  did  gain 
management  support  as  his 
unit  built  out  a  five-tier  stor¬ 
age  infrastructure  that  has 
eliminated  regular  daily  back¬ 
ups  to  tape  and  greatly  re¬ 
duced  power  consumption  in 
his  data  center.  Taylor  said  IT 
should  provide  management 
with  simple  lines  of  reasoning 
for  supporting  projects.  “Look 
at  it  from  the  application  level 
—  e-mail,  regulatory  reports, 
Word  documents,”  he  said. 

The  archival  tier  of  the  ex¬ 
change’s  storage  infrastruc¬ 
ture  is  made  up  of  a  relatively 
inexpensive  ATA  array  from 


My  problem 
is  we’re  too 
busy.  Every  year, 
we  put  storage 
resource  manage¬ 
ment  on  the  budget, 
and  every  year,  it 
just  falls  off. 

EDWIN  ALSBERG,  DIRECTOR  OF  IT 
OPERATIONS.  THE  DEPOSITORY  TRUST 
&  CLEARING  CORP. 

Copan  Systems  Inc.  in  Long¬ 
mont,  Colo.,  that  stores  228TB 
in  a  10-square-foot  area,  free¬ 
ing  up  space  in  the  data  center 
and  using  far  less  electricity 
than  a  traditional  midtier  disk 
array  or  a  tape  silo. 

The  new  array  has  in¬ 
creased  backup  and  restore 
rates  by  228%  compared  with 
the  exchange’s  old  tape  silo, 
Taylor  said.  ©  57198 


StorageWorks  CTO  Says  Storage  Still  Top  of  Mind’  at  HP 


NEW  YORK 

Michael  Feinberg,  chief  tech¬ 
nology  officer  at  Hewlett-Pack¬ 
ard  Co.’s  StorageWorks  division, 
must  ensure  that  HP’s  __ 

storage  push  moves  j§  s  'j 

along  as  it  cuts  costs  Wj  J 
through  layoffs  [QuickLink 
55737]  and  faces  life  under  new 
CEO  Mark  Hurd,  who  was  hired 
in  March  to  replace  Carly  Fiorina. 
Feinberg  discussed  HP’s  storage 
plans  with  Computerworld at  the 
Storage  Decisions  conference 
here  last  week. 

Has  HP’s  StorageWorks  been 
affected  by  the  change  of 
CEOs?  Storage  is  top  of  mind  at 
HP.  The  interesting  questions 
roaming  around  last  year  were, 
“Was  HP  committed  to  storage? 
Who  are  they?  And  what  do  they 
want  to  be  when  they  grow  up?" 
Mark  Hurd  reconfirmed  our  com¬ 
mitment  to  storage. . . .  Mark 
Hurd’s  committed  to  storage. 

We're  committed  to  storage. 

Did  the  announcement  of 
14,500  layoffs  over  six  quar¬ 
ters  and  the  change  of  com¬ 
mand  hurt  morale  in  your  op¬ 


eration?  I  think  when  you  have 
downturns  in  business,  and 
they’re  reflected  in  the  price  of 
shares,  and  that’s  reported  in  the 
__  press,  that  really  impacts 
|\  ||  morale.  We’re  seeing  the 
Ll  success  of  our  products  in 
the  marketplace,  and  we’re 
seeing  our  stock  go  up.  I  think 
the  morale  is  positive. 

How  would  you  compare 
Hurd’s  style  of  leadership 
with  Fiorina’s?  I  don’t  want  to 
comment  on  that.  I  would  just  say 
in  all  fairness  to  all  people  that  the 
focus  on  storage  has  always  been 
there.  Mark  has  re-engaged  and 
reinvigorated  that  focus. 

HP  has  agreed  to  acquire 
ApplQ  [QuickLink  56945], 
whose  products  work  with 
multivendor  storage  systems. 
Once  you  own  ApplQ,  do  you 
expect  that  users  will  view  its 
products  as  proprietary  tech¬ 
nology?  Look  at  the  base  tech¬ 
nology.  It’s  all  about  heterogene¬ 
ity.  Even  if  we  wanted  to  say  it’s 
all  about  HP-UX  and  ourXP 
servers,  let’s  be  practical.  That’s 
not  the  design  point  or  the  goal 


of  the  product.  Heterogenous 
management  is  critical  to  our 
customers.  As  much  as  we’d 
love  to  be  the  only  technology 
in  any  environment,  it’s  a  hetero¬ 
genous  world  out  there. 

Will  HP  continue  to  push 
AppIQ’s  proposal  to  make  its 
Storage  Management  Inter¬ 
face  Specification  an  indus¬ 
try  standard?  ApplQ  is  still  an 
external  company,  so  I  can’t 
comment  on  how  ApplQ  wants 
to  do  it.  We’re  very  committed  to 
standards.  We’re  very  collabora¬ 
tive  on  standards,  and  we’re  go¬ 
ing  to  continue  that  process. 

IBM,  Microsoft  and  Symantec 
recently  came  out  with  con¬ 
tinuous  data  protection  prod¬ 
ucts  [see  story,  page  10]. 
What’s  your  CDP  plan?  We 
believe  data  protection  is  ripe  for 
change.  There's  a  lot  of  capabili¬ 
ties  now  that  didn’t  exist  before 
that  transform  how  people  do 
data  protection.  We’re  taking 
that  next  step  with  CDP  prod¬ 
ucts  with  [HP’s  Data  Protection 
Storage  Servers]. 

-  Lucas  Mearian 
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HP  User  Group’s  Bid  for  Operating 
System  Faces  Funding  Dilemma 


OpenMPE.org  says  it  would  need 
S1.5M  to  start,  $1M  a  year  after  that 


BY  PATRICK  THIBODEAU 

Hewlett-Packard  Co.’s  deci¬ 
sion  to  drop  its  HP  e3000  sys¬ 
tem  was  unpopular  with  users, 
who  are  fighting  back  with  a 
plan  to  keep  the  midrange 
line’s  MPE  operating  system 
source  code  alive  so  they  can 
continue  running  the  e3000 
beyond  December  2006,  HP’s 
end-of-support  date. 

But  OpenMPE  Inc.,  the 
group  formed  four  years  ago 
by  e3000  users  to  gain  access 
to  the  source  code  in  order  to 
provide  ongoing  support  and 
patches,  may  face  the  classic 
chicken-and-egg  problem. 

OpenMPE  would  need 
about  $1.5  million  in  user  fees 
to  provide  support  for  the  op¬ 
erating  system  in  its  first  year 
and  $1  million  annually  in  sub¬ 
sequent  years.  But  users  aren’t 
likely  to  commit  to  paying  fees 
until  HP  decides  the  fate  of 
the  source  code,  which  it’s 
scheduled  to  do  by  year’s  end. 

If  HP  releases  the  code 
to  OpenMPE,  “it  would  en¬ 
able  us  to  go  to  the  people 
we  need  to  go  to  and  actually 
have  something  to  talk  about,” 
said  John  Wolff,  vice  chairman 
of  the  Hagerstown,  Md.-based 
organization.  Wolff,  CIO  at 
Los  Angeles-based  Laaco  Ltd., 
which  operates  self-storage 
facilities  and  private  clubs, 
said  he’s  concerned  that  HP 
will  tie  its  decision  about  the 
code  to  OpenMPE’s  ability  to 
raise  money. 

‘Not  a  Priority’ 

But  David  Wilde,  HP’s  e3000 
business  manager,  said  in  a 
written  response  to  questions 
that  OpenMPE’s  fundraising 
progress  “is  not  a  primary 
consideration  in  our  decision¬ 
making  process.”  He  added 
that  HP  officials  “are  looking 
at  a  variety  of  options,  includ¬ 
ing  access  to  source  code  by 
one  or  more  partners  other 
than  OpenMPE.” 


OpenMPE  officials  believe 
that  access  to  the  MPE  source 
code,  as  well  as  the  ability  to 
change  it  and  develop  patches, 
will  be  critical  to  users  who 
plan  to  continue  using  their 
e3000s  after  HP  support  ends. 

Birket  Foster,  OpenMPE’s 
president  and  head  of  MB  Fos¬ 
ter  Associates  Ltd.,  a  consult¬ 
ing  firm  in  Chesterville,  On¬ 
tario,  estimated  that  about 
2,000  companies  will  still  be 
using  e3000  systems  after  sup¬ 
port  ends.  In  some  cases,  mi¬ 
grations  will  take  several  years 


Manufacturers 
replace  paper  safety 
info  sheets  with 
online  systems 

BY  JAIKUMAR  VIJAYAN 

An  emerging  class  of  hosted 
services  is  designed  to  make  it 
easier  for  manufacturing  com¬ 
panies  to  manage  the  material 
safety  data  sheets  (MSDS)  re¬ 
quired  for  each  of  the  chemi¬ 
cals  used  in  their  products. 

Last  week,  3E  Co.,  a  Carls¬ 
bad,  Calif. -based  provider  of 
Web-based  chemical  manage¬ 
ment  services,  launched  Ver¬ 
sion  2.0  of  its  3E  Online  offer¬ 
ing.  The  upgraded  service  al¬ 
lows  users  to  more  quickly 
search  for  MSDS  information 
across  multiple  sites,  and  it 
makes  it  easier  for  manufac¬ 
turers  to  verify  their  compli¬ 
ance  with  international  stan¬ 
dards  regulating  the  use  of 
chemicals,  according  to  3E. 

Due  to  make  a  similar  an¬ 
nouncement  next  week  is  Ac¬ 
tio  Corp.,  a  Hampton,  N.H.- 
based  application  service 
provider  that  offers  a  portfo¬ 
lio  of  chemical  management 


to  complete,  he  said. 

But,  Foster  added,  many 
firms  that  are  migrating  won’t 
be  able  to  move  all  their  data 
off  the  e3000  and  will  need 
continued  access  to  the  sys¬ 
tems  to  satisfy  auditing  and 
regulatory  requirements. 

Support  May  Suffer 

Even  if  HP  gives  OpenMPE  ac¬ 
cess  to  the  source  code,  sup¬ 
port  may  suffer  if  the  vendor 
limits  the  group’s  ability  to 
make  changes  and  update  the 
software.  Foster  said  patch- 
level  support  is  a  minimum 
requirement  for  e3000  users. 

HP  stopped  selling  the  pro¬ 
prietary  minicomputers  two 


services.  Enhancements  to 
Actio’s  MSDS  Vault  service 
include  new  features  for  han¬ 
dling  preliminary  screening  of 
chemicals,  inventory  manage¬ 
ment  and  chemical  tracking. 

“The  primary  return  on 
such  services  is  compliance 
assurance,”  said  Jeet  Radia, 
assistant  vice  president  in 
charge  of  environmental  is¬ 
sues  at  Me  Wane  Inc.,  a  maker 
of  cast-iron  pipes  and  fittings 
in  Birmingham,  Ala. 

Regulatory  Requirements 

Like  other  manufacturers, 
McWane  is  required  to  main¬ 
tain  detailed  MSDSs  listing 
the  physical  attributes,  toxici¬ 
ty  and  health  effects  of  each  of 
the  chemicals  used  in  its  prod¬ 
ucts,  as  well  as  its  procedures 
for  disposing  of  them. 

The  data  is  required  under 
the  Occupational  Safety  and 
Health  Administration’s  Haz¬ 
ardous  Communication  Stan¬ 
dard  and  is  designed  to  give 
employees  and  emergency 
workers  information  on  the 
proper  handling  of  chemicals. 

Until  recently,  McWane 
maintained  10,000  MSDSs 


Hosted  Services  Tapped  to 
Manage  Data  on  Chemicals 


years  ago.  Wolff  and  others  in¬ 
volved  in  OpenMPE  said  that 
releasing  the  operating  sys¬ 
tem’s  source  code  to  the  group 
would  help  the  company  im¬ 
prove  its  relations  with  the  re¬ 
maining  e3000  users. 

However,  HP  sent  a  note 
last  month  to  certified  MPE 
systems  administrators  notify¬ 
ing  them  that  the  certification 
was  no  longer  recognized  and 
that  they  no  longer  hold  the 
title  of  “HP  certified  profes¬ 
sional.” 

That  action  drew  an  unhap¬ 
py  response  from  Paul  Ed¬ 
wards,  a  Carrollton,  Texas- 
based  consultant  who,  along 
with  Ellicott  City,  Md.-based 
Alden  Research  Inc.,  recently 
reached  an  agreement  with 
HP  to  provide  ongoing  MPE 
training.  Edwards  said  the  sit¬ 
uation  is  similar  to  a  universi¬ 
ty  telling  graduates  “that  their 


How  It  Works 


Online  MSDS  services: 

■  Customers  hand  over  a  complete 
inventory  of  all  the  chemicals  used 
in  their  products  to  their  service 
providers. 

■  The  associated  data  sheets  are 
sometimes  sourced  directly  from 
chemical  makers  by  application 
service  providers,  which  then  man¬ 
age  and  maintain  the  data  for  users. 

■  Other  service  providers  require 
customers  to  scan  their  MSDS  in¬ 
formation  into  the  online  system 
they're  using. 


across  its  25  facilities  using  a 
paper-based  approach  that 
made  the  information  difficult 
to  access  and  even  harder  to 
update.  The  process  was  cum¬ 
bersome  and  imprecise,  said 
Radia,  adding  that  the  data 
sheets  lacked  a  consistent  for¬ 
mat  and  often  were  illegible. 

McWane  signed  up  for  a 
managed  MSDS  service  with 
Safetec  LLC  in  Vancouver, 
Wash.,  about  six  months  ago. 
Under  the  arrangement,  Safe- 
tec  is  scanning  all  of  McWane’s 
MSDSs  into  a  more  organized 
online  system  that  makes  it 
easier  to  retrieve  information, 
Radia  said. 

The  improved  access  has 


Code  Choices 

WHAT  OPENMPE  WANTS 

Access  to  the  e3000  source  code,  with 
the  ability  to  patch,  update  and  rewrite 
the  code  as  necessary. 

WHAT  IT  NEEDS 

$1.5  million  to  pay  for  initial  engineering 
support,  hardware  setup  and  other 
first-year  costs,  and  about  $1  million 
in  subsequent  years. 

HP’S  OPTIONS 

License  the  source  code  to  OpenMPE 
or  to  one  or  more  third-party  vendors, 
or  take  no  action.  It  will  announce  a 
decision  by  year’s  end. 


degree  is  no  longer  valid.” 

Wilde  said  HP  is  “reinvesti¬ 
gating”  the  certification  issue, 
but  the  company  has  no  time¬ 
table  for  making  a  decision  on 
the  matter.  O  57203 


also  allowed  the  company  to 
tie  its  enterprise  environmen¬ 
tal  management  system  to 
the  MSDS  data  to  allow  for 
quicker  chemical  compliance 
checks  during  the  manufactur¬ 
ing  process. 

Behr  Process  Corp.  in  Santa 
Ana,  Calif.,  switched  from  a 
paper-based  system  to  Actio’s 
service  two  years  ago  and  has 
seen  significant  improvements 
in  its  ability  to  comply  with 
OSHA  requirements,  said 
Michael  Butler,  the  paint  man¬ 
ufacturer’s  director  of  envi¬ 
ronmental  and  regulatory  af¬ 
fairs.  The  hosted  service  has 
also  helped  Behr  expedite  the 
preparation  of  federal,  state 
and  local  reports  relating  to  its 
use  and  storage  of  chemicals, 
he  said. 

Cost  considerations  are  an¬ 
other  factor  for  users,  said 
Russ  McCann,  Actio’s  presi¬ 
dent  and  CEO.  Companies 
typically  spend  about  $50  per 
year  for  every  MSDS  they 
maintain  themselves,  McCann 
said.  In  contrast.  Actio’s  ser¬ 
vice  starts  at  about  $7,500  an¬ 
nually  for  a  five-year  contract, 
plus  $10  per  year  for  each 
MSDS  the  vendor  manages. 

Officials  at  3E  and  Safetec 
declined  to  disclose  pricing 
for  their  services,  saying  it 
varies  by  customer.  ®  57201 
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Intel  invests  in 
Software  Start-up 

Intel  Capital,  the  venture  capital 
arm  of  Intel  Corp.,  led  Virtual  iron 
Software  Inc.’s  latest  $8.5  million 
financing  round.  The  2-year-old 
virtualization  company  was  former¬ 
ly  known  as  Katana  Technology. 

It  has  also  signed  a  nonexclusive 
collaboration  agreement  with  In¬ 
tel.  Virtual  Iron  raised  $20  million 
in  two  prior  rounds  of  financing. 


AMD  Adds  Three 
Opteron  Processors 

Advanced  Micro  Devices  Inc.  has 
released  three  dual-core  Opteron 
processors  for  x86  servers  and 
workstations.  The  Model  880, 
which  can  have  up  to  eight  proc¬ 
essors,  and  the  280,  which  is  for 
dual-processor  systems,  are  ship¬ 
ping  at  $2,649  and  $1,299,  re¬ 
spectively.  The  $799  Model  180 
for  one-processor,  two-core  sys¬ 
tems  ships  later  this  month. 


Microsoft,  JBoss 
To  Link  Offerings 

JBoss  Inc.  and  Microsoft  Corp. 
last  week  unveiled  plans  to  en¬ 
hance  the  interoperability  be¬ 
tween  the  JBoss  Enterprise  Mid¬ 
dleware  System  and  Windows 
Server  products.  This  technical 
partnership  is  the  first  such  al¬ 
liance  between  Microsoft  and 
JBoss,  which  estimated  that  half 
of  its  customers  run  its  JBoss 
Enterprise  Middleware  System 
on  Microsoft’s  Windows  Server. 


CSC  Wins  S42.3M 
Defense  Contract 

Computer  Sciences  Corp.  has  won 
a  $42.3  million,  four-year  con¬ 
tract  to  provide  Web  hosting  and 
applications  support  services  to 
the  Defense  Technical  Information 
Center,  which  shares  technical  in¬ 
formation  among  U.S.  Defense 
Department  personnel,  contrac¬ 
tors  and  other  government  agen¬ 
cies.  The  new  agreement  follows 
a  five-year,  $25  million  contract 
DTSC  signed  with  CSC  in  2001. 


C  Ml  Tilt  liADIf  '  HOT  TECHNOLOGY  TRENDS,  NEW  PRODUCT 

till  I  ML  IVIAIlIl  '  NEWS  AND  INDUSTRY  buzz  by  mark  hall 


IT  Services  Concerns 
Are  Trumping . . . 

. . .  widget-centric  thinking  among  Fortune  1,000  CIOs. 

And  feeding  the  growing  need  for  IT  services  also 
happens  to  be  a  nice  way  for  vendors  to  pocket  more 
of  the  dollars  in  those  CIOs’  budgets,  says  Thomas 
Lah,  executive  director  of  the  Technology  Profes¬ 


sional  Ser¬ 
vices  Asso¬ 
ciation  in 
San  Diego. 
Formed  last 
month  as  a 
sister  organi¬ 
zation  to  the 
Service  & 
Support  Pro¬ 
fessionals  As¬ 
sociation  for 
IT  help  desk 
workers,  the  TPSA  hopes  its 
members  will  share  best  prac¬ 
tices  information.  Its  first 
event  will  be  a  webcast  on 
Oct.  20,  and  its  initial  confer¬ 
ence  will  be  in  April.  “There’s 
been  a  mental  shift  in  how 
Fortune  1,000  companies  con¬ 
sume  technology,”  Lah  ar¬ 
gues.  Open  systems,  he  says, 
have  created  vast  integration 
problems  that  CIOs  are  now 
pushing  back  on  vendors  to 
resolve.  “Suddenly,  profes¬ 
sional  services  capabilities 
are  critical  if  a  vendor  wants 
to  get  the  sale,”  Lah  notes.  But 
not  all  IT  services  organiza¬ 
tions  are  equal,  so  CIOs  need 
to  scrutinize  them  carefully, 


he  advises.  First,  is  the  ven¬ 
dor’s  professional  services 
strategy  mature?  That  is,  does 
its  business  model  make 
sense,  and  is  it  attacking  the 
right  verticals  or  services 
specialities?  Second,  Lah  says, 
make  sure  your  vendor’s  ser¬ 
vices  group  has  the  right  in¬ 
frastructure.  Is  it  staffed  ap¬ 
propriately?  Are  its  opera¬ 
tions  automated?  Finally,  Lah 
suggests  that  you  should 
“learn  how  embedded  the 
culture  of  professional  ser¬ 
vices  [is]  in  the  company.”  If 
a  vendor  is  more  interested  in 
selling  you  widgets  than  in 
learning  about  your  overall 
IT  issues,  you  might  want  to 
opt  for  another  one,  he  says. 

European  Union  rules 
on  safer  hardware . . . 

. . .  have  produced  a  “picture 
of  inaction  and  confusion.”  So 

says  Peter  West,  vice  presi¬ 
dent  of  marketing  at  River- 
One  Inc.  in  Irvine,  Calif.  Two 
EU  directives  —  one  dealing 
with  the  disposal  of  electrical 
and  electronic  equipment, 
and  the  other  focusing  on  re¬ 


ducing  the 
use  of  haz¬ 
ardous  sub¬ 
stances  — 
are  set  to 
take  effect 
next  July. 

They  will 
regulate  the 
chemical 
compounds 
used  in  computers  and  other 
hardware  and  define  what 
can  and  can’t  go  into  Europe’s 
landfills.  West  calls  the  new 
rules  “a  major  supply  chain 
issue”  for  IT  vendors  and 
users.  According  to  West, 
RiverOne’s  Interactive  6.5 
software  tool,  which  is  due  to 
ship  by  the  end  of  the  year, 
will  be  able  to  track  IT  gear 
from  the  moment  the  equip¬ 
ment  hits  your  SAP-based 
ERP  system.  That  should  help 
users  “prove  compliance  for  a 
whole  [product]  and  not  just 
the  individual  parts,”  he  says. 

Compliance  tools 
keep  coming . . . 

. . .  and  coming  and  coming. 
The  latest  is  a  free  download 
available  this  week  from  Bind- 
View  Corp.  in  Houston.  Steve 
Kahan,  BindView’s  vice  presi¬ 
dent  of  marketing,  says  BV- 
CAT  walks 
you  through 
a  series  of 
questions  to 
evaluate  the 
efficiency  of 
your  regula¬ 
tory  compli¬ 
ance  process¬ 
es.  The  tool 
can  also  run 
configuration 
checks  on  a 
computer 
to  determine  whether  it  will 
pass  muster  in  an  audit. 

Kahan  claims  BV-CAT  can 
help  assess  compliance  with 
Basel  II,  the  Sarbanes-Oxley 
Act,  the  Federal  Information 
Security  Management  Act, 
the  Payment  Card  Industry 
Data  Security  Standard  and 
the  Gramm-Leach-Bliley  Act. 


LAH 

says  IT 
professional 
services  are 
critical  to  CIOs. 


KAHAN; 

Free 

compliance 
tool  is  ready  to 
download. 


46% 

IDC’s2005 
estimate  for 
thin-client 
growth  over 
last  year. 


Support  for  the  Health  Insur¬ 
ance  Portability  and  Account¬ 
ability  Act  is  next,  he  says. 

The  thin-client  market 
is  thickening . . . 

. . .  vendors’  wallets.  That’s  the 
word  from  the  top  two  thin- 
client  makers  —  Neoware 
Systems  Inc.  in  King  of  Prus¬ 
sia,  Pa.,  and  Wyse  Technology 
Inc.  in  San  Jose.  Neoware 
CEO  Michael  Kantrowitz  says 
there  has  been  “a  seismic 
shift”  away  from  deploying 
fully  distributed  computing 
systems.  CIOs  have  learned 
that  a  pure  distributed  com¬ 
puting  environment  isn’t  effi¬ 
cient,  he  says.  Ironically,  Mi¬ 
crosoft  Corp. 
helped  shake 
up  IT’s  devo¬ 
tion  to  PC¬ 
centric  think¬ 
ing  by  giving 
Windows 
Server  2003 
the  ability  to 
handle  thin 
clients,  Kantrowitz  notes. 
Wyse  CEO  John  Kisch  sees 
three  different  forces  behind 
a  recent  growth  spurt  in  his 
company’s  business.  First,  se¬ 
curity  problems  are  greatly 
minimized  by  a  lack  of  hard 
drives  on  thin  clients,  Kisch 
says.  Then  there’s  Japan’s  Per¬ 
sonal  Information  Protection 
Act.  That  law,  he  says,  makes 
it  a  crime  to  store  customer 
data  on  PCs.  It  was  driven  by 
a  scandal  in  which  personal 
information  on  4.5  million 
broadband  services  sub¬ 
scribers  was  lost  from  a  PC. 
Finally,  Kisch  says,  CIOs  are 
trying  to  validate  their  invest¬ 
ments  in  back-end  systems 
infrastructure  by  swapping 
out  pricey  PCs  for  low-cost 
thin  clients.  Bob  O’Donnell, 
an  analyst  at  IDC,  thinks  PC 
security  problems  and  im¬ 
proved  network  reliability  are 
spurring  “dramatic”  growth 
in  the  thin-client  market. 

And,  he  argues,  “the  trends 
are  just  starting  to  resonate 
with  IT.”  ©  57161 
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□  CAN  IT  HELP  CONTROL  COSTS  AS  WE  GROW  r 

□  CAN  WE  DEPLOY  IT  QUICKLY 

□  ARE  THERE  HIDDEN  COSTS 

□  IS  IT  LINUX 

□  OR  WINDOWS  SERVER 


efGET  THE  FACTS. 


RAYOVAC  CHOSE  WINDOWS  SERVER 
SYSTEM  AND  EXPECTS  TO  SAVE  NEARLY 
ONE  MILLION  DOLLARS. 


"By  choosing  Windows  Server™  over  Linux  for  our 
new  SAP  APO  solution,  well  save  an  estimated  one 
million  dollars  in  software,  staffing,  and  support  costs 
over  the  first  four  years.  We  needed  performance, 
security  enhancements,  and  reliability  at  a  reasonable 
price,  and  Linux  would  have  presented  additional 
risks  in  all  of  those  areas.  It  may  be  the  new  thing 
from  a  technical  perspective,  but  Linux  doesn't  cut 
it  from  a  business  perspective — I  need  a  proven  IT 
environment  that  I'm  sure  we  can  support." 

-Rick  Dempsey,  Chief  Information 
Officer.  Ravovac 


For  these  and  other  third-party  findings,  go  to 

microsoft.com/getthefacts 


Windows 
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SAP,  Oracle  Stage  Events  to  Plug  Middleware 


BY  MARC  L.  SONGINI 

BOSTON 

HE  TWO  MAJOR  rivals 
in  the  business  ap¬ 
plications  business, 
SAP  AG  and  Oracle 
Corp.,  touted  their  middle¬ 
ware  offerings  while  tossing 
barbs  at  each  other  before  sep¬ 
arate  audiences  here  last  week. 

At  its  TechEd  2005  user 
conference,  SAP  unveiled  the 
Enterprise  Services  Commu¬ 
nity  Process,  a  public  forum 
where  SAP  customers  and 
third-party  vendors  can  offer 
potential  upgrades  to  the  com¬ 
pany’s  Web-services-based 
Enterprise  Service  Architec¬ 
ture.  A  crucial  part  of  SAP’s 
strategy,  the  ESA  blueprint 
is  enabled  by  the  vendor’s 
NetWeaver  middleware  tech¬ 
nology. 

At  the  same  time,  a  mile  or 
two  away,  Oracle  officials 


plugged  their  company’s  Fu¬ 
sion  middleware,  a  repackag¬ 
ing  of  its  application  server 
and  portal  products.  Oracle 
is  also  stamping  the  Fusion 
moniker  on  its  upcoming  ap¬ 
plication  suite,  in  which  it  will 
merge  its  products  with  those 
of  the  companies  it  has  ac¬ 
quired,  such  as  PeopleSoft  Inc. 
and  Siebel  Systems  Inc. 

Peter  Graf,  executive  vice 
president  of  solution  market¬ 
ing  at  SAP,  described  the  Ora¬ 
cle  middleware  as  a  consolida¬ 
tion  of  past  technologies.  On 
the  other  hand,  he  said,  Net- 
Weaver  is  new  technology. 

During  Oracle’s  executive 
briefing  on  middleware, 
Thomas  Kurian,  the  vendor’s 
senior  vice  president  of  mid¬ 
dleware  development,  criti¬ 
cized  NetWeaver  for  being 
based  on  the  proprietary  Ad¬ 
vanced  Business  Application 


Enterprise  Services 
Ckm; 

THE  BASICS: 

A  forum  for  SAP  customers 
and  ISVs  and  integrators  to 
collaborate  on  SAP’s  Enter¬ 
prise  Service  Architecture. 

ESA  is  enabled  by  SAP’s  Net 
Weaver  middleware  platform. 

Companies  that  incorporate 
ESA  technology  into  products 
will  receive  an  “Enterprise 
Services  Ready”  designation. 


Programming  language.  Ora¬ 
cle,  however,  bases  Fusion  on 
the  Business  Process  Execu¬ 
tion  Language,  which  “is  au¬ 
thored  by  a  bunch  of  players,” 
Kurian  said. 

“More  SAP  customers 
use  Fusion  middleware  as  en¬ 
terprise  middleware  today 
than  than  NetWeaver  by  far,” 


Kurian  contended. 

The  vice  president  of  IT  at 
a  company  that  has  one  the 
largest  SAP  implementations 
said  NetWeaver  helps  his  firm 
align  SAP  products  with  other 
Web-enabled  applications. 

The  company,  which  he 
asked  not  be  named,  runs 
SAP’s  ERP  software  and  Self 
Service  modules.  The  modules 
operate  with  the  Enterprise 
Portal,  a  component  of  Net- 
Weaver,  said  the  executive, 
who  asked  not  to  be  identified. 

The  executive  said  he’s  con¬ 
sidering  using  NetWeaver  in 
custom  development  projects. 
And,  he  said,  the  Community 
Process  initiative  could  help 
expand  the  number  of  part¬ 
ners  in  SAP’s  ESA  “ecosystem” 
and  help  drive  further  adop¬ 
tion  of  NetWeaver. 

Fusion  middleware  —  in¬ 
cluding  the  Oracle  application 


server  and  portal  —  is  crucial 
technology  at  Aviva  Life  In¬ 
surance  Co.,  said  Chief  Tech¬ 
nology  Officer  Greg  Partyka,  a 
speaker  at  the  Oracle  briefing. 

The  Quincy,  Mass.-based 
insurer  has  a  mix  of  systems, 
including  mainframe-based 
Cobol  applications,  that  re¬ 
quire  Oracle  middleware  to 
help  create  integrated  busi¬ 
ness  processes,  said  Partyka. 

The  Fusion  software  is  used 
to  transform  data  that  cus¬ 
tomers  provide  into  a  usable 
format,  he  said.  The  integration 
software  gives  Aviva  the  flexi¬ 
bility  to  invest  in  applications 
without  worrying  about  them 
growing  obsolete,  he  added. 

Partyka  said  the  insurance 
firm  also  intends  to  use  Fusion 
to  link  disparate  systems  and 
launch  Web-services-based 
service-oriented  architecture 
processes.  ©  57206 


Survey  Finds  Good  Communication 
Key  to  Managing  Data  Breaches 


BY  JAIKUMAR  VIJAYAN 

Effective  communication  can 
help  companies  limit  the  dam¬ 
age  to  their  reputations  and 
the  loss  of  business  that  can 
result  from  security  breaches 
in  which  customers’  personal 
data  is  exposed. 

That  was  one  of  the  findings 
from  an  e-mail  survey  of  more 
than  1,100  individuals  who 
identified  themselves  as  being 
victims  of  security  breaches. 
The  survey  was  conducted 
during  the  summer  by  the 
Tucson,  Ariz.-based  Ponemon 
Institute,  and  the  results  were 
released  last  week. 

Nearly  20%  of  the  respon¬ 
dents  said  they  had  terminat¬ 
ed  their  relationships  with  the 
companies  that  lost  their  data, 
while  another  40%  said  they 
might  do  so,  according  to  Lar¬ 
ry  Ponemon,  the  institute’s 
founder.  But  the  fact  that  al¬ 
most  12%  of  the  respondents 
said  that  their  confidence  in 
the  companies  had  actually  in¬ 
creased  after  they  were  noti¬ 
fied  of  security  breaches 


Trust  Buster 

Survey 
respon¬ 
dents 
who  said 
a  security  breach  had  decreased 
their  trust  and  confidence  in  the 
affected  organization. 

BASE:  1,109  U  S.  RESIDENTS 


SOURCE:  PONEMON  INSTITUTE.  TUCSON,  ARIZ. 


points  to  the  value  of  good 
communication,  he  added. 

Companies  that  are  straight¬ 
forward  in  disclosing  what 
they  know  about  breaches  are 
likely  to  see  far  fewer  cus¬ 
tomer  defections  than  busi¬ 
nesses  that  are  evasive  about 
the  details,  Ponemon  said. 

The  form  that  the  notifica¬ 
tion  takes  also  appears  to  in¬ 
fluence  customers.  For  in¬ 
stance,  standard  form  letters 
and  e-mail  messages  are 
viewed  far  more  skeptically 
than  personalized  letters  and 
phone  calls,  Ponemon  said. 

David  Bender,  co-chairman 
of  the  privacy  practice  at  New 


York-based  law  firm  White  & 
Case  LLC,  the  sponsor  of  the 
survey,  said  that  although  it’s 
reasonable  to  expect  some 
customers  to  give  up  on  a 
company  after  it  suffers  a 
well-publicized  breach,  the 
percentages  in  the  survey 
were  a  surprise  to  him. 

“No  one  expects  the  conse¬ 
quences  will  be  good,”  Bender 
said.  But,  he  added,  it  is  un¬ 
clear  “just  how  serious  the 
ramifications  can  be.” 

The  extent  of  the  fallout  also 
depends  on  the  type  of  organi¬ 
zation  that  loses  the  data,  said 
Christopher  Pierson,  a  lawyer 
at  Lewis  &  Roca  LLC  in  Phoe¬ 
nix.  Bank  customers,  for  exam¬ 
ple,  can  take  their  business 
elsewhere.  But  the  same  isn’t 
always  true  for,  say,  college  stu¬ 
dents  or  patients  of  health  care 
providers,  he  said.  ©  57205 


BE  PREPARED 

Security  breaches  are  all  but  inevitable. 
So  it's  a  good  idea  to  have  a  plan  in  place 
for  how  your  company  will  respond  when 
something  happens.  See  page  39. 


Iron  Mountain  Touts  Value  of  Encryption 


OFF-SITE  DATA  ARCHIVING 

vendor  Iron  Mountain  Inc.  last 
week  signed  a  deal  to  use  De¬ 
em  Inc.’s  technology  to  encrypt 
all  of  its  internal  data  that's 
backed  up  to  digital  tape. 

Iron  Mountain  executives 
said  the  move  was  made  in 
part  to  set  an  example  for  cus¬ 
tomers,  though  IT  managers  at 
the  Storage  Decisions  confer¬ 
ence  in  New  York  last  week 
downplayed  the  need  for  such 
tools. 

Leonard  Lu,  a  network  archi¬ 
tect  at  TD  Waterhouse  Group 
Inc.  in  New  York,  said  his  net¬ 
work  provides  security  for  data 
that’s  actively  being  used.  Lu 
said  that  encrypting  archived 
data  is  simply  too  much  of  a 
hassle.  “The  question  is,  do  we 
want  to  encrypt  data  right  down 
to  the  last  digit?”  he  said. 

Despite  those  doubts,  “we’re 
trying  to  make  sure  the  industry 
is  aware  that  encryption  is  a  key 
technology  to  be  embraced," 
said  Kevin  Roden,  CIO  at 
Boston-based  Iron  Mountain. 

Since  February,  security 


breaches  have  led  to  the  loss  of 
unencrypted  data  at  several 
high-profile  companies,  includ¬ 
ing  Bank  of  America  Corp., 
Ameritrade  Holding  Corp., 
ChoicePoint  Inc.,  LexisNexis 
Group  and  Time  Warner  Inc. 

In  Time  Warner’s  case,  tapes 
that  contained  private  informa¬ 
tion  on  600,000  former  and 
current  employees  were  lost  in 
May  during  a  routine  shipment 
to  an  Iron  Mountain  archival 
facility  [QuickLink  54267], 

Iron  Mountain  said  that  while 
there  are  several  options  for  im¬ 
plementing  encryption  -  includ¬ 
ing  backup  software  and  appli¬ 
cation-based  technology  - 
large  companies  with  expand¬ 
ing  volumes  of  information  and 
shrinking  backup  windows 
need  faster  throughput  for 
backing  up  data. 

“We  had  to  find  a  solution  to 
encrypt  our  data  and  still  main¬ 
tain  backup  windows.  That 
ruled  out  software-based  en¬ 
cryption,  which  introduces  sub¬ 
stantial  overhead,”  Roden  said. 

-  Lucas  Mearian 


NETWORK 

The  largest  and  fastest 
national  wireless  data  network. 
The  largest  U.S.  provider  on 
the  global  standard. 


EXPERTISE 

Our  people  and  partners 
make  wireless  work  for 
more  businesses  than  any 
other  wireless  carrier. 


APPLICATIONS 

The  broadest  and  deepest 
portfolio  of  wireless 
business  solutions. 


SERVICE 

24/7  enterprise-grade 
support.  And  a  service 
staff  dedicated  solely 
to  business  people. 


real  time 


gets  Corporate 


Express  there  in  no  time. 


With  its  24/7  dedicated  business 
service  team,  Cingular  gave 
Corporate  Express  the  support, 
training,  and  technology  needed 
to  migrate  from  a  paper-based 
delivery  system  to  a  real-time 
wireless  solution.  From  system 
installation  and  operation  to 
employee  training,  the  Cingular 
service  team  ensured  a  seamless 
transition  to  the  ALLOVER™  network,  the  largest  digital  voice  and 
data  network  in  America.  For  the  leader  in  office  supplies,  Cingular 
increased  driver  productivity  while  reducing  administrative  costs. 


CINGULAR  MAKES  BUSINESS  RUN  BETTER 


X  cingular 

raising  the  bari.iili 


Find  out  how  Cingular  can  make  your  business  run  better: 

CALL  your  account  representative  -or-  CLICK  cingular.com/businessleader 


Circular's  ALLOVER  data  network  covers  over  250  million  people  and  is  growing. 

Coverage  is  not  available  in  all  areas.  Global  coverage  based  on  coverage  in  174  countries.  Fastest  claim  compares  Angular's  measured  speed  of  its  EDGE 
network  to  other  carriers'  speed  claims  for  their  national  data  networks.  All  marks  property  of  their  respective  owners.  ©2005  Cingular  Wireless.  All  rights  reserved. 
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RIM  Commits  to 
Intel's  Hermon  Chip 

Research  In  Motion  Ltd.  has 
agreed  to  use  Intel  Corp.’s  mobile 
processor,  code-named  Hermon, 
in  its  BlackBerry  devices,  the 
companies  said  last  week  at  the 
CTIA  Wireless  IT  and  Entertain¬ 
ment  conference  in  San  Francis¬ 
co.  RIM  is  the  first  company  to 
publicly  commit  to  the  Hermon 
chip,  which  is  slated  to  be  official¬ 
ly  released  later  this  year. 


Dell,  TRW  Extend 
Pact  by  Three  Years 

Dell  Inc.  said  it  has  signed  a  three- 
year  extension  of  its  contract 
with  TRW  Automotive  Holdings 
Corp.  Under  terms  of  the  deal, 
automotive  supplier  TRW  will 
standardize  on  Dell  enterprise 
products  and  services  for  its 
200-plus  facilities  in  24  countries 
throughout  North  and  South 
America,  Europe,  Africa  and  the 
Asia-Pacific  region.  The  value  of 
the  deal  wasn’t  disclosed. 


Cisco,  Trend  Micro 
Unveil  Service 

Cisco  Systems  Inc.  and  Trend 
Micro  Inc.  have  jointly  developed 
a  security  service  for  Cisco  net¬ 
working  products  that’s  designed 
to  curb  the  spread  of  worms  and 
viruses.  The  new  service,  called 
the  Cisco  Incident  Control  Sys¬ 
tem,  will  help  administrators  set 
network  security  policies  on  Cisco 
hardware,  based  on  information 
provided  by  Trend  Micro. 


Microsoft,  Intel 
Back  HD-DVD 

Microsoft  Corp.  and  Intel  Corp. 
plan  to  back  HD-DVD,  the  next- 
generation  DVD  storage  format 
being  developed  by  the  DVD  Fo¬ 
rum.  The  two  vendors  joined  the 
HD-  DVD  Promotion  Group,  which 
promotes  adoption  of  the  optical 
disc  format.  Microsoft  had  previ¬ 
ously  remained  neutral  in  the  bat¬ 
tle  between  the  HD-DVD  and  Blu- 
ray  Disc  optical  disc  formats. 


Microsoft,  Symantec 


Ready  CDP  Products 


Disk-to-disk  technology  promises  to  cut 
costs,  speed  backup  and  restores  of  data 


BY  LUCAS  MEAR1AN 

Microsoft  Corp. 

and  Symantec 
Corp.  last  week 
each  announced 
the  availability  of  continuous 
data  protection  (CDP)  prod¬ 
ucts  that  can  back  up  incre¬ 
mental  copies  of  files  to  local 
servers  and  restore  them  in 
seconds. 

Cupertino,  Calif. -based 
Symantec  went  a  step  further 
with  the  unveiling  of  a  sepa¬ 
rate  application  to  help  IT 
managers  restore  the  Win¬ 
dows  Server  2003  operating 
system  locally  and  remotely. 

Bob  Graham,  senior  vice 
president  of  information  sys¬ 
tems  at  Farmers  &  Merchants 
Bank  Corp.  in  Timberville,  Va., 
has  been  beta-testing  Syman¬ 
tec’s  disk-to-disk  Backup  Exec 
lOd  with  CDP  and  plans  to  buy 
it  next  month. 

Since  installing  the  new  sys¬ 
tem,  the  bank  has  been  using  a 
new  Dell  Inc.  network-attached 
storage  array  to  back  up  48 
servers  in  21  branch  offices. 

Before  installing  the  CDP 
software  and  NAS  array,  the 
bank  used  tape  backup  sys¬ 
tems,  and  restores  took  two 
days  on  average.  Once  the  disk- 
to-disk  technology  is  fully  in¬ 
stalled,  restores  will  take  about 
five  minutes,  Graham  said. 

New  Offerings 

The  Symantec  software,  avail¬ 
able  Oct.  10,  allows  workers  to 
restore  files  through  a  Web- 
based  interface. 

The  second  new  Symantec 
offering,  LiveState  Recovery 
6.0,  can  restore  Windows 
Server  2003  to  physical  or 
virtual  servers  such  as  those 
from  VMware  Inc.  or  Micro¬ 
soft’s  Virtual  Server  2005. 

The  Microsoft  disk-to-disk 
backup  product,  Data  Protec¬ 
tion  Manager  (DPM),  can 


save  up  to  eight  snapshots 
of  data  off  Windows  servers 
throughout  the  day,  allowing 
IT  administrators  to  restore 
Files  from  disks  faster  and 
use  a  larger  number  of  data 
points  from  which  to  recover 
information. 

Microsoft  announced  DPM 
a  year  ago  [QuickLink  49553]. 

James  Tarala,  CIO  and  chief 
technology  officer  at  Schenck 
Business  Solutions,  recently 
purchased  DPM  and  expects 
that  it  will  eliminate  daily  tape 


backups  at  11  remote  offices. 
He  plans  to  replicate  snap¬ 
shots  to  three  new  EqualLogic 
Inc.  iSCSI  storage  arrays  at  his 
primary  data  center  in  Apple- 
ton,  Wis. 

“One  thing  I  like  is  that  the 
DPM  product  is  less  expen¬ 
sive”  and  works  faster  than 
full  or  incremental  tape  back¬ 
ups,  Tarala  said. 

CDP  products  come  in  two 
iterations.  Those  like  IBM’s 
[QuickLink  56459],  which 
record  every  change  to  data  at 
the  byte  level,  allow  IT  admin¬ 
istrators  to  restore  to  any 
point  in  time.  Those  like  the 
Microsoft  and  Symantec  tools, 


which  take  periodic  snapshots 
of  data,  allow  recovery  back  to 
specific  points  in  time. 

Whichever  model  is  used, 
CDP  can  dramatically  improve 
the  speed  of  data  restoration 
as  well  as  the  recovery  point 
objectives  when  compared 
with  traditional  incremental 
or  full  backups,  said  Brian 
Babineau,  an  analyst  at  Enter¬ 
prise  Strategy  Group  Inc.  in 
Milford,  Mass.  0  57202 


CDP 

Pricing 

Symantec’s  LiveState  Recov¬ 
ery  6.0:  $1,695  per  server 

Symantec’s  Backup  Exec  lOd: 
$795  per  server,  $295  per  agent 

Microsoft's  Data  Protection 
Manager:  $950  per  server 


Novell  Server  Was  Used  to  Look  for 
Vulnerable  Ports  on  Other  Computers 


Vendor  confirms 
scanning  activity, 
disputes  amount 

BY  JAIKUMAR  VIJAYAN 

A  server  belonging  to  Novell 
Inc.  was  hacked  into  and  then 
used  to  scan  for  vulnerable 
ports  on  other  computers,  ac¬ 
cording  to  an  Internet  security 
consultant  who  reported  the 
problem  to  Novell  last  week. 

Chris  Brandon,  president  of 
Brandon  Internet  Security  in 
Alexandria,  Va.,  said  he  was 
first  alerted  to  the  problem 
when  a  client  reported  scan¬ 
ning  activity  on  its  systems. 
According  to  Brandon,  the 
scans  began  Sept.  21  and  were 
targeted  at  TCP  Port  22  —  the 
default  port  for  Secure  Shell 
services.  SSH  programs  are 
used  to  log  into  other  comput¬ 
ers  over  a  network  or  to  exe¬ 
cute  remote  commands  and 
move  files  among  machines  in 
a  secure  fashion. 

Brandon  said  he  traced  the 
scans  to  a  server  with  an  IP 
address  assigned  to  Novell. 

He  added  that  the  system 


appeared  to  be  running  a  mail 
server  for  a  gaming  site  called 
Neticus.com  that  was  hosted 
on  a  separate  server  also 
belonging  to  Novell. 

Brandon  made  logs  docu¬ 
menting  the  scans  available  to 
Computerworld.  He  claimed 
that  judging  by  the  large  num¬ 
ber  of  IP  blocks  that  were 
scanned,  “millions”  of  com¬ 
puters  may  have  been  probed 
for  SSH-related  weaknesses. 

Investigation  Continues 

Kevan  Barney,  a  Novell 
spokesman,  confirmed  that 
one  of  the  company’s  servers 
had  been  scanning  other  sys¬ 
tems.  But  he  said  that  as  of  last 
Friday,  the  company’s  IT  staff 
was  still  investigating  whether 
the  server  had  actually  been 
hacked  into  from  the  outside, 
as  Brandon  asserted. 

Barney  also  said  that  the 
server  doing  the  scans  wasn’t 
running  a  mail  server  for  the 
gaming  site.  Instead,  it  was  a 
test  server  that  was  installed 
outside  of  Novell’s  firewalls, 
he  said,  adding  that  the  server 
has  run  different  operating 


systems  at  various  times. 

In  addition,  Novell  is  chal¬ 
lenging  Brandon’s  claim  that 
its  server  was  used  to  scan 
millions  of  other  computers. 
“We  see  no  evidence  that  the 
scans  were  so  widespread,  so 
we  aren’t  sure  how  he  came 
up  with  that  number,”  Barney 
said.  He  added  that  it’s  hard  to 
know  precisely  how  many  sys¬ 
tems  were  scanned. 

During  the  course  of  its 
investigation,  Novell  did  find  a 
separate  company-owned 
server  that  was  hosting  the 
Neticus.com  game  site.  But 
that  server  was  in  no  way  con¬ 
nected  to  the  scanning  activi¬ 
ty,  Barney  maintained.  The 
game  site,  which  was  run  by  a 
single  employee,  has  since 
been  taken  down,  he  added. 

Neticus  is  the  name  of  a 
now-defunct  Internet  service 
provider  owned  by  Novell  that 
provided  its  employees  with 
access  to  the  Internet,  e-mail 
and  newsgroups.  Barney  said 
Novell  officials  are  looking 
into  how  and  why  a  Neticus 
server  came  to  be  used  to  host 
a  game  site.  0  57199 
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A  successful  mobile  mission  accomplished  in  record  speed. 


ThinkPad 


ThinkPad®  is  a  product  of  Lenovo. 


X41  Tablet 


ThinkPad 


Starting  at  *1, 899.00  i8695cu 


Source  Code:  AD021 

Insight  and  the  Insight  logo  are  registered  trademarks  of  Insight  Direct  USA,  Inc.  IT  For  The  Way  You  Work  is  a  trademark  of  Insight  Direct  USA,  Inc.  All  other  trademarks, 

registered  trademarks,  photos,  logos  and  illustrations  are  property  of  their  respective  owners. 

©2005  Insight  Direct  USA,  Inc.  All  rights  reserved. 


FOR  THE  MOBILE 
WORKFORCE 


Connect  to  the  people  and  information  that  count 
with  Insight.  As  one  of  the  world’s  largest  providers 
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Microsoft  to  Double 
Workers  at  Indian  Unit 

BANGALORE,  INDIA 

icrosoft  corp.  will  nearly 
double  the  workforce  at  its 
Indian  subsidiary’s  facilities  in 
Hyderabad  and  Bangalore  by  next 
March,  according  to  sources  familiar 
with  the  plan.  The  sources  last  week 
confirmed  news  reports  from  Hyder¬ 
abad,  where  Microsoft  has  a  large 
development  operation. 

Once  the  hiring  effort  is  completed, 
Microsoft  India  will  employ  about  3,000 
workers  in  Hyderabad  and  Bangalore, 
the  sources  said.  Officials  at  Microsoft 
India  weren’t  available  for  comment. 

In  Hyderabad,  Microsoft  currently 
employs  600  software  developers  at 
one  product  development  center  and 
another  500  at  a  second  facility.  The 
company’s  Bangalore- 
based  Global  Technical 
Support  Center,  which 
provides  phone  and  e-mail 
support  to  Microsoft 
users,  has  about  500 
workers. 

Late  last  year,  Microsoft 
CEO  Steve  Ballmer  told 
reporters  in  Hyderabad 
that  the  company  planned 
to  hire  hundreds  of  new 


workers  in  India  during  2005.  At  the 
time,  Ballmer  promised  that  the  Indian 
hirings  wouldn’t  lead  to  a  loss  of  jobs 
in  the  U.S. 

■  JOHN  RIBEIR0,  IDG  NEWS  SERVICE 


German  Insurer,  Doctors 
Test  E-health  Cards 

D0SSELDORF,  GERMANY 

T -SYSTEMS  INTERNATIONAL  GMBH, 

the  IT  services  arm  of  Deutsche 
Telekom  AG,  is  collaborating  with 
a  German  health  care  and  insurance 
group  to  test  electronic  health  cards 
ahead  of  a  government  mandate  to  in¬ 
troduce  the  technology  in  Germany 
next  year.  The  pilot,  launched  last 
week,  involves  three  doctors’  offices, 

50  patients  of  the  health  care  provider 
Bundesknappschaft  and  a  hospital  in 
the  city  of  Bottrop. 

T-Systems  is  moving 
ahead  with  the  pilot  even 
though  government  IT  of¬ 
ficials  have  yet  to  finalize 
standards  for  the  systems. 
In  addition,  health  care 
providers  and  insurance 
companies  have  yet  to 
agree  on  where  and  how 
patient  files  will  be  elec¬ 
tronically  stored,  said 
Volker  Apel,  health  care 
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project  director  at  T-Systems. 

Once  the  pilot  project  is  completed, 
T-Systems  and  Bundesknappschaft 
plan  to  equip  20,000  insured  patients 
and  75  physicians  with  the  electronic 
cards  during  next  year’s  first  quarter. 
■  JOHN  BLAU.  IDG  NEWS  SERVICE 


China  Looks  to  Tighten 
Control  of  Online  News 

BEIJING 

THE  CHINESE  GOVERNMENT  has 
created  a  new  set  of  regulations 
intended  to  tighten  control  over 
news  reported  on  the  Internet. 

The  rules  replace  a  set  of  regulations 
implemented  in  2000  and  go  into  ef¬ 
fect  immediately,  according  to  Xinhua, 
the  official  Chinese  news  agency.  The 
regulations  were  developed  by  China’s 
Ministry  of  Information  Industry  and 
the  State  Council,  the  country’s  highest 
administrative  body. 

The  new  guidelines  encourage  Inter¬ 
net  news  sites  to  report  news  that  is 
“healthy”  and  promotes  economic  and 
social  progress,  Xinhua  said. 

What  impact  the  new  regulations 
will  have  wasn’t  immediately  clear. 

The  enforcement  of  government  regu¬ 
lations  isn’t  always  consistent  and  can 
fluctuate  depending  on  political  priori¬ 
ties,  said  Duncan  Clark,  managing  di¬ 
rector  at  BDA  China  Ltd.,  a  consulting 
firm  in  Beijing.  ©  57149 
■  SUMNER  LEMON,  IDG  NEWS  SERVICE 


Compiled  by  Mike  Bucken. 


Briefly  Noted 

Karvy  Consultants  Ltd.  in  Hyder¬ 
abad,  India,  has  set  up  a  business 
process  outsourcing  unit  called 
Karvy  Global  Services  Ltd.  The  new 
business,  which  will  be  officially 
launched  this  month,  now  employs 
250  people  and  plans  to  have 
4,000  workers  within  five  years. 

■  JOHN  RIBEIR0,  IDG  NEWS  SERVICE 


The  World  Health  Organization 

has  selected  Satyam  Computer 
Services  Ltd.  in  Hyderabad  to  im¬ 
plement  an  ERP  system  throughout 
the  WHO’s  offices  in  more  than  140 
countries.  The  Global  Management 
System  will  be  based  on  Oracle 
Corp.’s  applications. 


Toshiba  Corp.  plans  to  show  its 
first  notebook  computer  with  a 
built-in  HD-DVD  drive  at  the  Ceatec 
Japan  2005  exhibition  next  month. 
The  next-generation  DVD  format, 
developed  by  the  DVD  Forum,  will 
be  incorporated  in  Toshiba’s  high- 
end  Qosmio  notebook  line. 

■  SUMNER  LEMON.  IDG  NEWS  SERVICE 


IT  Groups  Push  Congress  to  Raise  H-1B  Visa  Limits 


BY  PATRICK  THIBODEAU 

Nikita  Dolgov  is  a  software  en¬ 
gineer  who  lives  in  Moscow 
and  would  like  to  get  an  H-1B 
visa  to  work  in  the  U.S.  He’s 
aware  of  the  controversy  sur¬ 
rounding  the  visa  program, 
but  that  hasn’t  lessened  his 
desire  to  work  here. 

“This  is  the  original  country 
for  computer  science,”  Dolgov 
said  of  the  U.S.  during  a  tele¬ 
phone  interview  last  week. 
“This  is  the  ultimate  place.” 

But  it’s  getting  harder  for 
people  like  Dolgov  to  get  into 
the  U.S.  The  cap  of  65,000  new 
visas  for  the  federal  govern¬ 
ment’s  2006  fiscal  year,  which 
began  Oct.  1,  was  reached  in 
August  —  the  earliest  that 
has  ever  happened.  Dolgov 
tried  to  get  a  visa,  but  his 


application  arrived  too  late. 

There’s  now  a  push  by  high- 
tech  industry  groups  to  get  the 
cap  adjusted  by  Congress  be¬ 
fore  it  adjourns  this  year.  But 
whatever  happens  is  likely  to 
be  part  of  a  broader  immigra¬ 
tion  reform  package,  accord¬ 
ing  to  industry  lobbyists  and 
others  seeking  changes. 

Among  the  ideas  that  may 
appear  in  legislative  proposals 
is  a  flexible  cap  that  would 
provide  a  method  for  increas¬ 
ing  the  annual  H-1B  limits 
once  a  certain  level  is  reached. 
That  would  allow  the  number 
of  new  visas  to  “rise  as  need¬ 
ed,”  said  Lynn  Shotwell,  exec¬ 
utive  director  of  the  American 
Council  on  International  Per¬ 
sonnel,  a  Washington-based 
group  that  represents  compa¬ 


nies  on  immigration  issues. 

Proposed  reforms  may  also 
include  a  measure  to  allow 
some  foreign  workers,  in  par¬ 
ticular  those  who  hold  ad¬ 
vanced  degrees  from  U.S.  uni¬ 
versities,  to  get  permanent 
residency  and  bypass  the  H-1B 
program,  according  to  people 
familiar  with  the  efforts. 

Supporters  of  a  higher  H-1B 
cap,  such  as  Harris  Miller, 
president  of  the  Information 
Technology  Association  of 
America  in  Arlington,  Va., 
aren’t  sure  Congress  will  act 
on  the  issue  this  year  because 
hurricane  relief  issues  are  tak¬ 
ing  precedence.  But  Miller 
said  that  the  use  of  foreign 
workers  is  critical  to  U.S.  com¬ 
panies  and  that  the  exhausted 
fiscal  2006  cap  is  an  “example 


of  the  U.S.  hurting  its  global 
competitiveness.” 

U.S.  employers  aren’t  with¬ 
out  options,  however. 

Congress  last  year  approved 
an  additional  20,000  visas  an¬ 
nually  beyond  the  cap,  specifi¬ 
cally  for  foreign  nationals  who 
have  earned  advanced  degrees 
in  the  U.S.  More  than  13,000  of 
those  visas  have  been  claimed 
for  the  new  fiscal  year,  and 
Shotwell  thinks  the  remainder 


POSSIBLE  LEGISLATION 


Proposed  changes  to  the 
H-1B  program  may  include: 

■  A  flexible  cap  on  new  visas. 

■  Permanent  residency  for  people  who 
hold  advanced  degrees  from  U.S. 
schools,  with  no  need  for  them  to 
secure  H-1B  visas. 


will  be  gone  by  December. 

U.S.  companies  can  also  hire 
Australian  citizens  under  the 
new  E-3  visa  program.  The  E-3 
has  been  compared  to  the  H-1B, 
but  it’s  limited  to  residents  of 
Australia  and  capped  at  10,500 
visas  per  year.  Miller  said  he’s 
skeptical  about  the  E-3  pro¬ 
gram,  adding  that  he  doesn’t 
think  many  Australian  tech¬ 
nology  workers  want  to  come 
to  the  U.S. 

But  the  willingness  of  work¬ 
ers  from  many  other  countries 
to  take  jobs  in  the  U.S.  still  ap¬ 
pears  to  be  strong. 

“There  is  no  dearth  of  jobs 
for  the  qualified  in  India,  but  a 
U.S.  job  is  quite  another  thing,” 
said  Manu  Sharma,  a  New 
Delhi-based  e-commerce  con¬ 
sultant.  “It’s  seen  as  a  career 
landmark,  like  a  prestigious 
MBA,  that  guarantees  strong 
career  growth.”  ©  57207 
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BI  Tools 

The  company  started  the 
effort  to  whittle  its  list  of  BI 
tools  in  January.  Since  then, 
the  hotelier  has  cut  its  count 
of  report  templates  from  210 
to  70,  said  Robert  Richards, 
Carlson’s  director  of  applica¬ 
tion  development. 

Two  months  ago,  Carlson 
stopped  using  one  of  the  six 
reporting  tools,  and  it  plans  to 
eliminate  the  rest  during  the 
next  18  months,  he  said. 

Having  multiple  BI  products 
made  it  difficult  for  users  to 
find  data,  and  supporting  all  of 
the  tools  left  Carlson’s  devel¬ 
opment  shop  backlogged, 
Richards  said. 

“The  key  is  making  sure  you 
don’t  do  the  development 
more  than  once,”  he  noted. 
“We’ll  be  able  to  display  infor¬ 
mation  to  the  business  much 
faster  because  IT  won’t  have 
to  support  multiple  tools.” 

The  new  scorecards  will  al¬ 
low  the  company  to  provide 
users  with  metrics  they  can 
use  to  adjust  operations  when 
necessary,  Richards  added. 

Partners  Preferred 

Union  Pacific  Railroad  Corp. 
in  Omaha  began  an  effort  two 
months  ago  to  consolidate  its 
lineup  of  BI  tools  from  Hyperi¬ 
on  Solutions  Corp.,  Informa¬ 
tion  Builders,  SAS  Institute 
Inc.,  Siebel  Systems  Inc.  and 
SPSS  Inc.,  said  Rich  Dickeson, 
director  of  business  analytics 
at  the  rail  company. 

“I  am  looking  for  companies 
that  will  play  well  together,” 
Dickeson  said.  “The  fewer 
things  I  have  to  support,  the 
better.  If  it  is  going  to  be  two 
or  three,  I  want  those  two  or 
three  to  have  partnerships 
with  each  other.” 

Dickeson  said  he  expects  a 
bit  of  pushback  from  users, 
since  some  departments  have 
five-  or  six-year  investments 
in  specific  products. 

Keith  Gile,  an  analyst  at  For¬ 
rester  Research  Inc.  in  Cam¬ 
bridge,  Mass.,  said  BI  has 
reached  a  tipping  point  as 
companies  move  to  expand  ac¬ 
cess  to  decision-support  data 
beyond  power  users  to  a  new 


HA  lot  of  these  [BI]  initiatives  are 
IT-driven.  We  have  a  tendency 
to  move  forward  at  100  miles  an  hour 
without  taking  consideration  of  the 
business  [requirements]. 


TONY  FULLER, 

Vice  president  and  CIO,  Rent-A-Center 


and  much  larger  realm  of 
users,  such  as  business  execu¬ 
tives  and  frontline  managers. 

Today,  most  companies  with 
BI  tools  offer  only  5%  to  7%  of 
their  users  access  to  the  capa¬ 
bilities,  Gile  said.  Over  the 
next  several  years,  he  expects 


that  about  half  of  the  employ¬ 
ees  within  organizations  will 
begin  to  use  the  technology. 

Such  an  expansion  will  re¬ 
quire  companies  to  reduce  the 
number  of  BI  tools  they  sup¬ 
port,  Gile  added.  “If  you  have 
15  BI  solutions  and  you  try  to 


manage  them,  pay  for  them 
and  make  sure  they’re  synchro¬ 
nized  —  you  can’t,”  he  said. 

Meanwhile,  Rent-A-Center 
Inc.  has  put  its  business  users 
in  charge  of  deciding  how  to 
use  Business  Objects  SA’s 
BusinessObjects  XI  software, 
which  Rent-A-Center  is  now 
installing,  said  Tony  Fuller, 
vice  president  and  CIO  at  the 
Plano,  Texas-based  household 
goods  rental  chain. 

Fuller  said  Rent-A-Center’s 
business  units  are  creating  the 
plans  for  the  BI  tools  effort, 
and  the  IT  operation  will  de¬ 
liver  on  those  plans. 


“That  shows  we’re  serious 
about  it  being  a  business  func¬ 
tion,”  Fuller  said.  “I  approach 
[business  executives]  as  a 
business  leader,  not  an  IT 
executive.  A  lot  of  these  initia¬ 
tives  are  IT-driven.  We  have  a 
tendency  to  move  forward  at 
100  miles  an  hour  without  tak¬ 
ing  consideration  of  the  busi¬ 
ness  [requirements].” 

The  BI  tools,  which  the 
company  will  roll  out  over  the 
next  18  months,  will  eventual¬ 
ly  be  used  by  35  or  40  execu¬ 
tives  and  managers  in  addition 
to  about  a  dozen  power  users, 
Fuller  said.  ©  57200 


Embedded  Business  Intelligence 
Spreads  to  Frontline  Workers 


BY  HEATHER  HAVENSTEIN 

SCOTTSDALE,  ARIZ. 

Companies  are  increas¬ 
ingly  maneuvering  to 
use  embedded  business 
intelligence  techniques 
to  help  frontline  work¬ 
ers  make  operational 
decisions. 

But  IT  officials  must 
make  sure  that  those 
workers  are  included 
in  the  planning  proc¬ 
ess,  said  some  users 
during  a  panel  discus¬ 
sion  at  Computer- 
world'  s  Business  Intel¬ 
ligence  Perspectives 
conference  here  last 
week. 

Irving  Tyler,  vice 
president  and  CIO  at 
Quaker  Chemical 
Corp.  in  Consho- 
hocken,  Pa.,  said  that 
all  users  in  his  organi¬ 
zation  use  BI  tools  to  make 
decisions.  But  getting  front¬ 
line  users  to  rely  on  that  data 
is  challenging  if  they  don’t 
view  the  information  as  credi¬ 
ble,  he  said. 

“You  have  to  spend  time 
demonstrating  that  this  infor¬ 
mation  comes  from  [a  valid] 
source  [so]  they  can  feel  com¬ 
fortable,”  Tyler  said. 

Quaker  has  established  clear 
lines  of  data  stewardship,  iden¬ 


tifying  managers  who 
“own”  the  data  at  the 
various  steps  of  a  proc¬ 
ess,  he  said.  “If  [work¬ 
ers]  can  put  a  credible 
face  —  a  manager  — 
behind  that  [data],  they 
will  adopt  [BI]  much 
more  readily.” 

Locate  Choke  Points 

Union  Pacific  Railroad 
Corp.  uses  BI  metrics 
to  tweak  its  rail  opera¬ 
tions  to  run  more  effec¬ 
tively.  James  Bell,  gen¬ 
eral  manager  of  operat¬ 
ing  services  at  the  Om¬ 
aha-based  railroad,  said 
the  effort’s  success  will 
depend  at  least  partial¬ 
ly  on  input  from  front¬ 
line  workers.  “You  have 
to  receive  business  in¬ 
telligence  from  the 
front  lines,”  he  said. 
“They  will  tell  you  where  the 
issues  are.” 

Union  Pacific  plans  to  use 
predictive  modeling  to  corre¬ 
late  customers’  shipping 
needs  with  rail  car  capacity, 
Bell  said.  Union  Pacific 
worked  with  experts  in  lean 
manufacturing  principles  to 
map  out  critical  operations, 
including  processing  and 
maintaining  rail  cars,  he  said. 

Injecting  BI  data  from 


transactional  systems  into 
those  processes  has  helped 
the  railroad  identify  choke 
points  that  slow  down  opera¬ 
tions  —  such  as  cars  remain¬ 
ing  in  a  terminal  for  20  hours 
for  only  one  hour  of  repair 
work. 

At  some  companies,  moving 
the  decision-making  process 
to  the  front  lines  has  been  a 
boon  for  managers. 

Jon  Farrar,  vice  president  of 
predictive  modeling  at  Union 
Bank  of  California  NA  in  San 
Francisco,  said  that  as  more 
information  has  been  fed  to 
frontline  workers  at  his  com¬ 
pany,  a  lot  of  managers  have 
been  relieved  because  they 
have  been  unburdened  of 
some  tactical  work  and  are 
able  to  focus  on  strategic 
decision  making. 

“It’s  a  whole  mind-set  shift 
corporations  are  going  to  have 
to  adopt;  otherwise  they  won’t 
be  able  to  keep  up  with  the 
competition,”  Farrar  said. 

Meanwhile,  Alaska  Airlines 
is  marrying  information 
gleaned  from  BI  analysis  on 
airplane  utilization  and  time  on 
the  ground  with  customer  sur¬ 
vey  results,  said  James  Archule¬ 
ta,  director  of  customer  rela¬ 
tionship  management  at  the 
Seattle-based  airline. 

Correlating  that  informa¬ 
tion  into  “actionable  analyt¬ 
ics”  allows  customer  service 
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representatives  to  use  data  at 
their  desktops  to  figure  out 
how  best  to  serve  customers, 
he  said. 

American  Republic  Insur¬ 
ance  Co.  is  embedding  BI  data 
in  the  processes  that  its  direct 
marketing  sales  force  uses 
when  offering  Medicare  sup¬ 
plements  to  customers,  said 
Wayne  Dow,  business  systems 
manager  of  direct  marketing 
at  the  Des  Moines-based  com¬ 
pany.  Users  now  have  “one- 
click  access”  to  as  many  as 
400  million  rate  combinations 
from  competitors,  he  said. 
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PanGo  Upgrades  Tools  for  Tracking  Equipment 


BY  MATT  HAMBLEN 

PanGo  Networks  Inc.  announced  an  up¬ 
grade  last  week  of  its  asset-tracking 
software,  as  well  as  a  second-generation 
active  RFID  tag  that’s  half  as  big  as  the 
original  version  and  less  expensive. 

PanGo’s  system  is  primarily  deployed 
in  hospitals,  where  it  uses  Wi-Fi  net¬ 
works  to  transmit  data  captured  by  ra¬ 
dio  frequency  identification  tags  placed 
on  equipment  to  a  central  location. 

The  technology  is  designed  to  help 
hospital  administrators  keep  track  of 
expensive  assets,  said  Mike  Braatz, 
vice  president  of  business  development 
at  the  Framingham,  Mass.-based  vendor. 

The  new  software,  PanGo  Locator 
3.0,  further  automates  the  site-survey 
process  and  adds  Web-based  monitor¬ 
ing  and  management  tools,  as  well  as  a 


notification  function  that  can  send 
alerts  about  the  status  of  equipment, 
Braatz  said.  Pricing  starts  at  $30,000 
for  500  endpoints,  and  the  software  is 
due  to  ship  this  month. 

Meanwhile,  PanGo’s  Active  RFID 
Tag  2.0  device  costs  about  $50  and  is 
roughly  the  size  of  three  AAA  batteries 
—  40%  of  the  size  of  the  initial  tag  the 
company  released  a  year  ago.  Version 
2.0  includes  new  wireless  security  fea¬ 
tures  and  a  50%  longer  battery  life, 
Braatz  said. 

Proactive  Management 

Lifespan  Corp.,  a  group  of  five  hospi¬ 
tals  based  in  Providence,  R.I.,  plans  to 
install  about  500  of  the  new  tags  by 
year’s  end,  said  David  Hemendinger, 
chief  technology  officer  at  the  health 


care  provider. 

One  function  will  be  to  provide  the 
locations  of  medical  equipment  so  bio¬ 
medical  staffers  can  perform  routine 
maintenance.  Having  the  ability  to  find 
lost  items  “is  just  icing  on  the  cake,” 
Hemendinger  said.  “The  real  power  of 
this  technology  is  its  ability  to  proac¬ 
tively  manage  assets  and  deliver  them 
to  the  point  of  care  before  my  users 
even  think  of  having  to  find  them.” 

Gary  Bayston,  manager  of  biomed¬ 
ical  engineering  at  Rockford  Memorial 
Hospital  in  Rockford,  Ill.,  said  he  plans 
to  deploy  about  600  of  the  RFID  tags 
in  the  next  two  months  to  track  all 
kinds  of  hospital  equipment. 

“I  was  amazed,  but  one  nurse  even 
said  she  was  losing  beds  in  a  ward 
some  nights,”  Bayston  said.  Apparently, 


Asset  Management 

PanGo’s  Locator  software  lets  users: 

•  Filter  assets  into  on-screen  maps,  floor 
plans  or  tabular  views  for  monitoring 

and  searching  purposes. 

•  Set  business  rules  to  trigger  automatic 
notifications  and  alerts  about  the  status 

of  assets  and  their  locations. 

•  Create  reports  with  current  or  historical 

information  about  the  equipment 
that's  being  tracked. 

of  Alzheimer’s  patients  and  newborn 
babies,  according  to  Bayston. 

Rockford  will  spend  about  $80,000 
on  the  PanGo  software  and  tags,  an 
amount  that  could  be  paid  off  within 
six  months  because  of  savings  on  labor 
costs,  Bayston  said. 

Ekahau  Inc.  in  Helsinski,  Finland, 
and  AeroScout  Inc.  in  San  Mateo, 
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workers  in  another  ward  had  been  bor¬ 
rowing  them. 

Ultimately,  Rockford  Memorial 
might  use  the  PanGo  tags  to  keep  track 


Calif.,  also  offer  location-tracking  sys¬ 
tems  that  work  over  Wi-Fi,  said  Mar¬ 
cus  Torchia,  an  analyst  at  Yankee 
Group  Research  Inc.  ©  57151 


VMware  Chief 
Looks  to  Stay 
Ahead  of  Rivals 

BY  PATRICK  THIBODEAU 

VMware  Inc.,  a  unit  of  EMC  Corp.,  is  the 
top  vendor  of  server  virtualization  tools. 
But  the  company  is  constantly  scram¬ 
bling  to  stay  ahead  in  an  increasingly 
competitive  landscape  that  includes 
Microsoft  Corp.  and  open-source 
vendors.  In  an  interview  with 
Computerworld,  VMware  Presi¬ 
dent  Diane  Greene  talked  about 
emerging  competitors  and  her 
company’s  strategy  of  partnering 
with  friend  and  foe  alike. 

As  Microsoft  and  Linux  vendors 
start  shipping  virtualization  capabil¬ 
ities  within  their  products,  how  are  you  go¬ 
ing  to  keep  your  customers  from  selecting 
their  products  over  yours?  We  are  work¬ 
ing  well  with  the  open-source  commu¬ 
nity.  We  are  going  to  continue  our 
partnerships  with  the  community  at 
large.  We  announced  this  community- 
source  [program]  to  allow  our  partners 
to  participate  more  fully,  and  we  have 
reseller  arrangements  with  all  the  x86 
hardware  vendors. 

Many  analysts  wonder  whether  Microsoft 
can  hurt  VMware  like  it  did  Netscape  in  the 
browser  market.  Are  you  concerned  that 


Microsoft  will  come  to  dominate  your  busi¬ 
ness?  We  see  some  differences  be¬ 
tween  us  and  Netscape.  One,  the  tech¬ 
nology  involved  is  much  deeper. 
There’s  a  lot  more  complexity  and  ro¬ 
bustness  requirements  on  it  as  well. 

No  one  cared  if  a  browser  crashed. 

And  we  have  very  strong  partnerships 
with  the  hardware  community,  which 
Netscape  was  not  able  to  do. 

What  are  your  goals  in  working  with  the 
open-source  community?  We  are  making 
sure  that  Linux  runs  really  well 
with  our  products.  And  we 
regularly  contribute  to  the 
open-source  community,  too. 

While  well-funded  start-up  Xen- 
Source  hasn’t  yet  released  a  virtual¬ 
ization  product,  do  you  see  it  as  a 
potential  competitor?  I  don’t  know 
where  they  are  going  to  play,  be¬ 
cause  we  haven’t  seen  the  robustness, 
performance  and  functionality  of  then- 
products.  We  launched  an  initiative 
around  [application  programming  in¬ 
terfaces]  to  standardize  some  things 
around  virtual  machines.  We  certainly 
want  to  partner  with  XenSource  in 
those  areas. 

Has  anything  changed  since  your  acquisi¬ 
tion  by  EMC  early  last  year  [QuickLink 
43582]?  What  difference  has  it  made  to 
VMware’s  operation?  We  operate  as  a 
completely  independent  subsidiary. 
We’re  not  integrated.  ©  57155 
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DON  TENNANT 


Parallel  Processing 


My  14-year-old  daughter,  Shelly, 

recently  came  across  a  photograph 
of  me  when  I  was  about  her  age.  She 
brought  it  to  me  and  tried  to  say 
something,  but  she  was  laughing  so 
hard  she  couldn’t  spit  it  out. 


I  grabbed  the  photo,  a 
little  put  off  by  her  hyste¬ 
ria.  OK,  so  I  looked  like 
an  adolescent  version  of 
Howdy  Doody.  That  was 
no  reason  to  hyperventi¬ 
late.  When  I  said  some¬ 
thing  to  that  effect,  she 
finally  regained  her  com¬ 
posure. 

“Not  you!”  she  said. 

“The  TV!  It’s  a  piece  of 
furniture!” 

I  looked  at  the  photo 
again,  and  sure  enough,  there  next  to 
me  was  our  old  Muntz.  For  some 
reason,  the  big  wooden  cabinet  with 
the  fabric-covered  speaker  and  the 
disproportionately  small  screen 
didn’t  jump  out  at  me.  Shelly,  on  the 
other  hand,  took  another  look  at  it 
and  lost  it  again. 

That  episode  was  still  fresh  in  my 
mind  when  I  read  “Decline  of  the 
Desktop,”  Robert  L.  Mitchell’s  su¬ 
perb  cover  story  in  last  week’s  issue 
[QuickLink  56909].  I  could  picture 
Shelly  20  years  down  the  road  with  a 
daughter  who  came  across  a  picture 
of  Shelly  as  a  kid,  next  to  a  desktop 
PC.  “Not  you,  the  computer!”  her 
daughter  would  laugh.  “It’s  a  piece  of 
furniture!” 

It  was  just  another  reminder  of 
how  so  many  things  that  are  happen¬ 
ing  in  computing  and  IT  have  already 
happened  in  other  realms  and  other 
industries.  That’s  why  it  never  ceases 
to  amaze  me,  for  example,  that  any¬ 
one  could  view  offshore  outsourcing 
in  the  IT  industry  as  anything  but  in¬ 
evitable.  A  product  or  service  will  be 
sourced  wherever  it’s  available  at  the 
lowest  cost,  whether  it’s  a  pair  of 
shoes  or  a  line  of  code.  Why  does 
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that  surprise  anyone? 

And  then,  of  course, 
there’s  the  consolidation 
phenomenon.  At  our 
Business  Intelligence  Per¬ 
spectives  conference  in 
Scottsdale,  Ariz.,  last 
week,  I  was  chatting  with 
the  director  of  business 
analysis  at  a  large  railroad 
company  about  the  spate 
of  acquisitions  in  the  IT 
industry.  He  mentioned 
that  his  father  spent  his 
entire  career  in  the  auto  industry,  and 
in  the  span  of  that  career,  he  watched 
a  multitude  of  car  manufacturers  coa¬ 
lesce  into  just  three.  Indeed,  it  all 
seems  to  have  happened  incredibly 
fast.  It  just  doesn’t  seem  that  long  ago 
that  I  was  eyeing  my  neighbor’s  AMC 
Gremlin  with  unabashed  envy. 

So  is  there  any  reason  to  believe 
the  same  thing  won’t  happen  among 


manufacturers  of  computer  hardware 
and  software?  No  reason  at  all.  There 
could  come  a  day  when  an  IT  Big 
Three  will  have  absorbed  their  larger 
partners  and  competitors  and  relegat¬ 
ed  the  smaller  ones  to  supplier  status. 

The  auto  industry  analogy  is  par¬ 
ticularly  interesting  when  you  con¬ 
sider  some  of  that  consolidation.  Af¬ 
ter  Chrysler  (now  DaimlerChrysler) 
acquired  American  Motors  Corp.  in 
1987,  it  allegedly  destroyed  AMC’s 
parts  inventories  and  the  molds  for 
producing  new  stock.  So  maybe  we 
shouldn’t  have  been  surprised  at  the 
way  Computer  Associates  handled 
so  many  of  its  acquisitions  through 
the  years. 

The  IT  industry,  to  be  sure,  is 
unique.  No  other  industry  has  expe¬ 
rienced  so  fast  a  rate  of  change  or  so 
great  a  capacity  to  change  the  world. 
But  the  parallels  with  the  industries 
that  have  preceded  it  are  vast.  And 
processing  those  parallels  can  yield  a 
valuable  insight  into  its  maturation. 

By  the  way,  I’m  really  glad  Shelly 
found  that  photograph.  You’d  under¬ 
stand  if  you  heard  her  laugh.  O  57163 


MICHAEL  GARTENBERG 

Microsoft 
Ready  to 
Go  Mobile 

A  FEW  WEEKS  AGO,  I 

spent  some  time  at  the 
Microsoft  Professional 
Developers  Conference,  which 
was  focused  mostly  on  Win¬ 
dows  Vista.  There  was,  how¬ 
ever,  a  good  deal  of  activity  centered 
on  Microsoft’s  mobile  technology  ef¬ 
forts,  and  what  I  saw  there  makes  me 
think  that  Microsoft  is  going  to  be¬ 
come  a  major  force  in  that  area  in  the 
near  future. 

Windows  Mobile  devices  have  been 
ridiculed  for  being  poorly  designed 
and  prone  to  crashing  and  for  provid¬ 
ing  an  inadequate  telephony  experi¬ 
ence.  But  as  with  many  things  Micro¬ 
soft,  patience  is  rewarded  for  those 
who  stick  with  the  platform.  The  latest 
release,  Windows 
Mobile  5.0,  seems 
rock-solid  and  over¬ 
comes  almost  all  the 
software  problems  of 
older  versions. 

But  software  alone 
doesn’t  make  for  a 
great  mobile  experi¬ 
ence.  Hardware  mat¬ 
ters  a  lot,  and  form 
and  function  are  in¬ 
tertwined. 

The  latest  crop  of 
devices  coming  to 
the  U.S.  market  re¬ 
flects  three  trends 
that  I  believe  will 
make  them  a  success. 

This  doesn’t  mean 
that  Microsoft  will 
dominate  the  mobile 
market  the  way  it  has 
the  PC  desktop;  instead,  it  will  likely 
be  a  strong  player  among  many.  (The 
notion  that  Microsoft  needs  to  domi¬ 
nate  in  order  to  be  a  success  is  wrong 
in  general.) 

First,  Microsoft  has  Finally  focused  on 
the  core  telephony  experience.  For  end 
users,  telephony  is  the  single  most  im¬ 
portant  function  in  mobile  devices,  ac¬ 
cording  to  my  firm’s  research.  Ignore 
telephony  or  compromise  that  function, 
and  your  device  will  fail  in  the  market. 
The  new  Windows  Mobile-based  smart 
phones  are  phones  First  and  foremost, 
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MORE  BUSINESS 
CONFIDENCE 


With  ProCurve  Networking  by  HP,  you  choose  from  a  comprehensive  set  of  security  solutions— 
each  designed  to  help  protect  your  growing  company.  You  get  exclusive  products  like  ProCurve 
Secure  Router,  Virus  Throttle,  Identity  Driven  Management  and  Access  Controller  Module. 

And  unlike  most  other  providers,  ProCurve  ensures  critical  network  security  at  the  edge  where 
users  connect  as  well  as  at  the  vulnerable  core.  Edge-to-edge  security  means  less  downtime, 
more  uptime.  ProCurve  means  more  security,  more  affordably. 


m 


Find  out  more  about  ProCurve  Networking.  Call  800-975-7684  Ref  Code  53  or 
download  informative  reports  complete  with  case  studies  and  cost-of-ownership 
analysis  at  www.hp.com/learn/procurve3. 
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Securing  the  network  at 
the  edge  keeps  business 
out  of  harm's  way 


It  WHS  tllC  C  FO  who  posed  the  “show- 

stopper”  question  at  a  recent  executive  committee  meeting: 
“With  all  the  resources  and  attention  businesses  are  expending 
on  security,  why  are  we  still  besieged  with  continuous  threats 
from  viruses,  worms,  and  hackers?” 

He  wasn’t  overstating  the  problem.  Today  an  estimated 
100,000  viruses,  worms,  and  Trojan  horses  pose  direct  threats 
to  network  computer  users.  The  cost  of  system  downtime 
stemming  from  attacks  can  often  be  measured  in  thousands 
of  dollars  per  minute,  and  the  theft  of  sensitive  data  carries 
tremendous  potential  liability.  So  it’s  no  wonder  security 
remains  a  top  priority  for  business  and  technology  managers 
alike. 

The  truth  is  that  current  methods  and  strategies  for  secur¬ 
ing  corporate  networks  often  fall  short.  Many  companies  use 
virus  signature  scanning  techniques,  but  these  technologies 
alone  are  not  sufficient  since  they  do  not  detect  new  forms  of 
viruses  and  they  depend  on  human  response.  Once  in  the  net¬ 
work,  a  virus  propagates  at  machine  speed,  which  is  orders  of 
magnitude  faster  than  the  “human-speed”  responses  to  them. 


WHAT  USERS  WANT 

Clearly,  businesses  need  a  complete  solution  that  truly  delivers 
security  without  compromise  to  protect  networks  and  the  mission- 
critical  data  that  runs  over  them.  A  checklist  of  the  features  of 
such  a  solution  should  include: 

/  Simplicity  for  administrators  and  transparency  for  users 
/  Ease  of  deployment  and  flexibility 
/  Security  built-in  and  integrated  with  the  hardware, 
not  bolted  on 

/  Security  at  the  critical  network  edge  where  users  connect 
This  is  exactly  what  users  get,  and  a  lot  more,  with 
Hewlett-Packard’s  ProCurve  Networking  solutions,  engineered  to 
move  vital  network  access  decisions  to  the  network  edge  while 
freeing  essential  network  resources  to  enable  the  high-band- 
width  connections  they  are  supposed  to  provide.  By  concentrat¬ 


ProCurve  Networking 

HP  Innovation 


ing  security  at  the  edge,  HP  ProCurve  further  enables  support 
for  vital  network  convergence  and  burgeoning  mobile  strategies. 
The  result  is  a  solution  without  tradeoffs  between  ease  of  use 
and  performance  versus  capability.  ProCurve  Networking  offers 
security  without  compromise. 

A  key  and  unique  element  of  the  ProCurve  solution  is  virus¬ 
throttling  functionality  built  directly  into  ProCurve  switches.  This 
highly  effective  bulwark  against  viruses  provides  detection  at 
the  network  edge  based  on  traffic  behavior,  not  virus  signature 
analysis.  The  bandwidth  on  the  port  where  the  attack  is 
detected  can  be  throttled  back  or  the  port  traffic  can  be  com¬ 
pletely  contained.  This  functionality  gives  the  IT  staff  the  time 
it  needs  to  first  isolate  and  then  eliminate  viruses  and  worms 
before  they  cause  system-crashing  damage. 

THE  ULTIMATE  IN 
NETWORK  SECURITY 

Unlike  other  virus  detection  technologies,  the  virus-throttling  fea¬ 
ture  does  not  need  preknowledge  of  specific  worms  and  viruses  to 
do  its  job  because  virus  throttling  is  behavior-based.  ProCurve 
switches  with  virus  throttling  can  throttle  or  rate-limit  routed 
traffic,  or  completely  block  traffic  from  a  suspect  client. 

Not  all  virus  attacks  come  from  external  sources  outside  of 
a  network.  It  is  increasingly  important  to  protect  access  to  the 
internal  network  behind  the  firewall  to  prevent  virus  attacks 
and  threats  to  critical  systems.  Using  ProCurve  solutions,  users 
effectively  move  security  to  the  network  edge,  where  trouble 
can  be  resolved  before  any  damage  is  done  to  business-critical 
data.  ProCurve’s  value  proposition  delivers  intelligent  security 
with  ease  of  use,  without  sacrificing  performance. 

The  bottom  line  is  that  with  its  many  unique,  powerful,  and 
adaptable  features,  HP  ProCurve  Networking  delivers  on  the 
core  and  essential  value  propositions  of  high  network  availabili¬ 
ty,  efficiency,  security,  ease  of  use,  and  open-standards-based 
interoperability.  For  more  information,  go  to 
www.hp.com/learn/procurve. 
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with  dedicated  keypads  and  a  one-hand 
usage  model.  Major  improvements  al¬ 
low  even  the  more  complex  Pocket  PC 
devices  to  be  used  as  passable  phones, 
and  almost  all  critical  features  on  the 
Pocket  PC  devices  have  been  made  ac¬ 
cessible  with  one  hand.  This  is  a  crucial 
change  from  past  devices,  which  need¬ 
ed  two  hands  to  operate  them. 

Second,  Microsoft  has  finally 
cracked  the  often  elusive  and  difficult 
U.S.  carrier  market.  While  the  mobile 
platform  has  been  around  for  a  while, 
offerings  that  included  telephony 
weren’t  widely  available  from  U.S.  car¬ 
riers.  That’s  all  changed  now.  Micro¬ 
soft  has  product  offerings  from  nearly 
all  major  carriers  in  the  U.S.,  so  which¬ 
ever  provider  you’re  using,  you’re  like¬ 
ly  to  have  the  opportunity  to  choose  a 
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Windows  Mobile  offering  of  some  sort. 
In  addition,  Microsoft  is  signing  more 
licenses,  most  notably  with  Palm, 
which  will  introduce  a  Windows  Mo¬ 
bile  version  of  the  Treo.  This  bodes 
very  well  for  Microsoft,  whose  mobile 
technology  had  often  been  derided  by 
Palm  CTO  Jeff  Hawkins. 

I  can’t  overstate  how  big  a  win  this  is 
for  Microsoft,  both  from  a  psychologi¬ 
cal  perspective,  as  it  gets  an  old  rival 
to  embrace  its  platform,  and  from  a 
market-share  perspective,  as  it  gets  one 
of  the  most  popular  mobile  devices  to 
run  Windows.  That’s  the  key  to  getting 
momentum  going  for  the  longer  haul. 

Finally,  Microsoft  and  its  partners 
have  come  to  the  realization  that  one 
size  doesn’t  Fit  all.  We  will  see  a  multi¬ 
tude  of  sizes  in  the  months  ahead,  in¬ 


cluding  hot  designs  like  the  razor-thin 
Q_smart  phone  from  Motorola  and  the 
aforementioned  Treo.  That  means 
users  will  be  able  to  pick  the  shape 
that  works  for  them,  but  more  impor¬ 
tant,  IT  departments  will  be  able  to 
leverage  development  and  support  for 
a  common  platform. 

One  thing  Microsoft  needs  to  re¬ 
member  is  that  the  buying  centers  for 
these  devices  have  shifted.  Microsoft 
is  focused  mostly  on  the  business- 
purchase  funnel  for  Windows  Mobile 
devices,  but  in  reality  a  lot  of  them  are 
going  to  be  bought  as  one-offs  by  end 
users  rather  than  being  purchased 
directly  by  IT,  and  these  devices  are 
going  to  get  both  business  and  person¬ 
al  use.  That  means  other  factors  be¬ 
yond  just  business-level  functionality 


are  going  to  be  involved  in  the  pur¬ 
chase  decision.  (It’s  worth  noting  that 
in  the  latest  Microsoft  reorganization, 
Windows  Mobile  is  no  longer  in  the 
Windows  platform  group  under  Jim 
Allchin  but  is  instead  in  Robbie  Bach’s 
group,  which  focuses  on  consumer 
products  such  as  the  Xbox.) 

If  Microsoft  and  its  partners  can 
capitalize  on  this  trend  and  market  the 
devices’  nonbusiness  features,  such  as 
digital  entertainment,  the  combination 
of  new  devices,  availability  and  enter¬ 
prise  compatibility  could  prove  to  be  a 
winning  formula.  O  57068 
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Baby  Boomers  Bring  Needed  Experience  to  IT 


Damian  smith’s  comments  about 
older  IT  workers  in  On  the  Mark 
[“Baby  Boomers  Get  Ready  for  Bed 
While ...”  QuickLink  55983]  are  sim¬ 
ple  in  principle,  shallow  in  understand¬ 
ing  and  anecdotal  in  their  assumptions. 

First,  today’s  older  IT  workers  were 
the  young  IT  workers  who  created  the 
applications  that  run  most  of  today's 
companies.  To  think  that  all  of  this  soft¬ 
ware  could  quickly  be  replaced  with 
new  material  of  equivalent  quality  and 
sophistication  by  younger  and  inexperi¬ 
enced  talent  is  disingenuous. 

Second,  the  idea  that  younger  work¬ 
ers  who  are  cheaper  and  work  longer 
hours  can  waltz  into  an  organization 
and  develop  cutting-edge  and  bug-free 
software  while  maintaining  current  op¬ 
erations  is  silly.  Experience  has  proved 
time  and  time  again  that  you  get  what 
you  pay  for. 

Third,  today's  young  IT  workers  are 
tomorrow's  old  ones.  Therefore,  obso¬ 
lescence  and  ongoing  maintenance  is 
part  of  IT  life.  What  is  truly  best  for  an 
IT  organization?  A  constant  flow  of  not- 
so-loyal,  young,  green  newcomers  who 
churn  out  cheap,  sloppy  work,  or  a  mix 
of  rookies  with  great  ideas  and  sea¬ 
soned  but  flexible,  experienced,  loyal 
professionals  working  together?  The 
answer  is  obvious. 

The  ideal  solution  for  any  IT  depart¬ 
ment  is  not  the  wholesale  sacking  of 
older  workers  in  the  name  of  cost¬ 
cutting  and  profit-making,  but  a  mix  of 
young  and  older  workers,  both  learning 
from  each  other.  On  the  other  hand, 
maybe  the  older  technologies  could 
more  easily  be  discarded  and  replaced 


if  middle  management,  upper  manage¬ 
ment  and  executives  were  replaced  by 
much  younger,  dynamic  workers  who 
would  be  willing  to  work  longer  hours 
for  half  of  those  generally  older  man¬ 
agers’  outrageous  salaries. 

Phil  Steinschneider 
Sterling,  Va. 

SMITH’S  THINKING  is  common,  in¬ 
correct  and  exposes  a  spurious 
correlation.  I  wouldn’t  be  surprised  to 
discover  that  the  ratio  of  software 
maintenance  and  support  costs  to  cor¬ 
porate  IT  software  development  costs 
in  many  corporate  IT  budgets  has  in¬ 
creased  over  the  years,  and  it  may  con¬ 
tinue  to  grow  well  into  the  future.  This  is 
related  to  the  fact  that  today  fewer  and 
fewer  corporate  IT  departments  are  in 
the  software  development  business.  In¬ 
stead,  much  of  corporate  America  pur¬ 
chases  software  that  requires  some 
customization  and  maintenance. 

Blaming  corporate  IT  budget  prob¬ 
lems  on  experienced  and  knowledge¬ 
able  IT  personnel  is  similar  to  blaming 
the  high  cost  of  health  care  on  experi¬ 
enced  and  knowledgeable  heath  care 
personnel.  Smith's  anti-baby-boomer 
model  can  be  applied  across  all  indus¬ 
tries,  so  why  stop  with  corporate  IT 
departments? 

Kim  Crutchfield 

Senior  systems  programmer, 

Irving,  Texas,  kcrutchf@vha.com 

WHAT  KIND  OF  OUTLOOK  is  em¬ 
bedded  in  phrases  like  “more  ex¬ 
perienced  workers  who  have  higher 
salaries  and  are  less  likely  to  work 


longer  than  40  hours  per  week"? 

Think  about  it:  He’s  saying  only  peo¬ 
ple  who  work  over  40  hours  a  week 
have  value.  Just  because  a  worker  has 
learned  how  to  work  smarter,  he's  less 
valuable?  How  many  of  the  younger 
workers  do  you  see  who  understand 
any  business,  much  less  their  compa¬ 
ny’s  business?  Why  would  I  go  to  work 
for  a  guy  who  publicly  says  to  young 
workers,  “Join  us  now,  because  we  will 
pay  you  low  wages  for  10  to  20  years, 
then  we  will  let  you  go  because  you  will 
have  gotten  too  expensive  for  us"? 
Steve  Comstock 
Founder,  The  Trainer’s 
Friend  Inc.,  Denver, 
steve@trainersfriend.com 

IT  IS  TRULY  AMAZING  that  Comput- 
erwor/d  would  allow  Damian  Smith 
to  spout  his  politically  incorrect,  age- 
discriminating  blather,  which  is  actually 
a  thinly  disguised  advertising  ploy  to 
sell  storage,  and  pass  it  off  as  a  legiti¬ 
mate  op-ed  piece.  Shame  on  you! 

Bill  Anderson 
Seattle 

The  percentage  of  the  IT  budget 
spent  on  keeping  the  status  quo 
functioning  versus  implementing  new 
things  is  a  meaningless  measurement. 
If  what  the  business  has  works,  meets 
the  business  requirements  and  incurs 
maintenance  costs  that  are  a  reason¬ 
able  fraction  of  the  entire  corporate 
budget,  there  is  no  problem.  If  the  busi¬ 
ness  is  not  being  served  by  the  infra¬ 
structure,  then  the  business  needs  to 
change  it,  regardless  of  the  percent¬ 
ages  of  the  IT  budget. 

What  counts  is  not  comparative 


rates  of  spending;  it  is  value  to  the 
business. 

David  P.  Vernon 

Tucson,  Ariz.,  vdpphd@qwest.net 


Specialists  Must  Also 
Talk  With  Customers 

I  WAS  DELIGHTED  to  see  an  article  on 
concrete  ways  to  improve  software 
quality  [“ABCs  of  Software  Methodolo¬ 
gies,”  QuickLink  55497],  But  I  was  dis¬ 
appointed  that  the  author  blamed  “a  se¬ 
ries  of  disconnects  and  miscommuni- 
cations  among  the  IT  specialists."  That 
should  have  been  “among  IT  specialists 
and  their  customers.”  Customer  skills 
and  behaviors  are  just  as  much  a  part 
of  the  problem  and  solution  as  IT  skills 
and  behaviors. 

Though  the  article  does  mention 
customers’  involvement  later,  it’s  mis¬ 
leading  to  imply  that  if  you  only  get 
smart  enough  IT  specialists,  with  the 
right  training,  you  can  have  great  soft¬ 
ware.  Great  enterprise  systems  also 
require  an  evolution  in  the  thinking  of 
our  customers. 

David  Allen 

Minneapolis, 

dallen@csom.umn.edu 


CEOs  Are  Limited  in 
Effects  on  Operations 

CEOs  HAVE  very  little  ability  to  im¬ 
prove  ongoing  operations,  but  they 
can  certainly  make  mistakes  that  have 
great  negative  effects  [“CEOs  Are  Fak¬ 
ing  It,  Stanford  Professor  Says,"  Quick¬ 
Link  a7070].  Similarly,  top  manage¬ 


ment’s  financial  performance  should 
not  be  judged  by  the  results  from  ongo¬ 
ing  operations.  It  should  be  judged  by 
the  extraordinary  charges. 

Milton  Anderson 

Fair  Haven,  N.J. 


Not  All  User  Groups 
Are  in  Bad  Shape 

WHILE  ONE  always  hates  to  see  a 
user  group  disband,  one  should 
not  infer  from  Patrick  Thibodeau’s  arti¬ 
cle  [“HP  World  Canceled;  Interex  Dis¬ 
banding,”  QuickLink  55630]  that  all 
user  groups  are  in  bad  shape.  Share, 
the  user  group  for  enterprises  focused 
on  IBM  systems,  celebrated  its  50th  an¬ 
niversary  this  summer  and  continues  to 
be  an  organization  that  educates  users 
and  works  closely  with  IBM  and  ISV 
management  to  help  users  and  vendors 
come  together  to  provide  needed  solu¬ 
tions  for  businesses. 

Robert  Rosen 
President,  Share  Inc., 

Bethesda,  Md. 

COMPUTERWORLD  welcomes 
comments  from  its  readers.  Letters 
will  be  edited  for  brevity  and  clarity. 
They  should  be  addressed  to 
Jamie  Eckle,  letters  editor,  Computer- 
world,  PO  Box  9171, 1  Speen  Street, 
Framingham,  Mass.  01701. 
Fax:(508)879-4843. 

E-mail;  letters@computerworld.com. 
Include  an  address  and  phone  number 
for  immediate  verification. 

OFor  more  letters  on  these  and  other 
topics,  go  to 

www.computerworld.com/letters 


ThinkPad  recommends  Windows®  XP  Professional. 


YOU’RE  LOOKING  AT  THE 
MOST  SECURE  WIRELESS  PC. 

AND  THE  EASIEST  WAY 


Availability:  Ail  offers  subject  to  availability.  Lenovo  reserves  the  right  to  alter  product  offerings  and  specifications  at  any  time,  without  notice.  Lenovo  is  not  responsible  for  photographic  or  typographic  errors.  'Pricing:  Prices  do  not  include  tax  or  shipping  or  recycling  fees  and  are  subject  to 
change  wfhout  notice.  Reseller  prices  may  vary  Warranty:  For  a  copy  of  applicable  product  warranties,  write  to:  Warranty  Information,  P.O.  Box  12195,  RTP,  NC  27709,  Attn:  Dept  UF2A/B203.  Lenovo  makes  no  representation  or  warranty  regarding  third  party  products  or  services.  Footnotes:  (t) 
Mobile  Processors:  Power  management  reduces  processor  speed  when  in  battery  mode.  (2)  Wireless:  based  on  IEEE  802.11a,  802,11b  and  802.1  lg  respectively.  An  adapter  with  lla/b.  llb/g  or  1  la/b/g  can  communicate  on  either/any  of  these  listed  formats  respectively:  the  actual  connection 
will  b"  based  on  the  access  point  to  which  it  connects.  (3)  Included  software:  may  differ  from  its  retail  version  (if  available),  and  may  not  include  user  manuals  or  all  program  functionality.  License  agreements  may  apply.  (4)  Memory:  For  PCs  without  a  separate  video  card,  memory  supports 
both  system  and  video.  Accessible  system  memory  is  up  to  64MB  less  than  the  amount  stated,  depending  on  video  mode.  (5)  Hard  drive:  GB  =  billion  bytes.  Accessible  capacity  is  less;  up  to  4GB  is  service  partition.  (7)  Thinness:  may  vary  at  certain  points  on  the  system.  (8)  Travel  Weight: 
includes  battery  and  optional  travel  bezel  instead  of  standard  optical  drive  in  Ultrabay  bay,  if  applicable-,  weight  may  vary  due  to  vendor  components,  manufacturing  process  and  options.  (9)  Internet  access  required;  not  included.  (10)  ThinkVantage  Client  Security  Solution:  requires  software 
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ThinkPad  R50e 

DISTINCTIVE  INNOVATIONS 

ThinkVantage  Rescue  and  Recovery  - 
one  button  recovery  and  restore  solution 


ThinkPad  T43  with  Integrated 
Fingerprint  Reader 

Perfect  balance  of  performance  and  portability. 


THE  MOST  SECURE  WIRELESS  PC.  ONLY  ON  A  THINKPAD. 

Put  security  at  your  fingertips  when  you’re  on  the  road.  Literally. 
These  ThinkPad®  notebooks  feature  Intel®  Centrino"  Mobile 
Technology,  so  you  can  access  your  data  wirelessly  anytime.9 
And  with  our  Integrated  Fingerprint  Reader  (select  models),  it  all 
happens  with  one  finger  and  one  password.  These  innovations, 
combined  with  our  security  chip  and  security  software,  provide 


SYSTEM  FEATURES 

Inter  Centrino”  Mobile  Technology 
Intel®  Pentium®  M  Processor  725  (1.60GHz)1 
Intel®  PRO/Wireless  2200BG  (802.1  lb/g)2 

Microsoft*  Windows*  XP  Professional3 
15"  XGA  TFT  Display  (1024x768) 
256MB  DDR  SDRAML  40GB  Hard  Drive5 

*949  (P/N  1842QDU) 

ThinkPad  Premiere  Leather 
Carrying  Case 


DISTINCTIVE  INNOVATIONS 

ThinkVantage  Client  Security  Solution  6.0m- 
-  Strong  security  as  a  standard  feature 

SYSTEM  FEATURES 

Intel*  Centrino'"  Mobile  Technology 
Intel®  Pentium®  M  Processor  740  (1.73GHz)‘ 
Intel*  PRO/Wireless  2200BG  (802.11b/gP _ 

Microsoft*  Windows®  XP  Professional 
15“  XGA  TFT  Display  (1024x768) _ 

512MB  DDR2  SDRAM,  60GB  Hard  Drive 
Ultrabay  Slim  CD-RW/DVD  ROM  Combo 


a  level  of  security  that  no  one  else  offers  as  a  standard  feature. 
Giving  you  the  most  secure  wireless  PC  available. 


*99  (P/N  10K0209) 

ThinkPad  Women’s  Executive 
Red  Leather  Tote 


Only  1”  thin7  and  4.7-lb  travel  weight8 
1-yr  limited  warranty" 

THINK  EXPRESS  MODEL 


*130 


(P/N  22P8858) 


*1499 


(P/N  1875DLU) 


With  the  Think  Express  Program,  ThinkPad  notebooks  are  preconfigured  with  your  business,  and  your  budget,  in  mind. 


Call  1  866-426-0009 

To  shop  or  locate  your  local  reseller  Go  ^  Wnkpad.com/security/nl583 

ThinkPad  is  a  product  of  Lenovo. 


download  (11)  Limited  warranty-  Support  unrelated  to  a  warranty  Issue  may  be  subject  to  additional  charges.  (12)  Systems  with  limited  onsite  service:  are  designed  to  be  repaired  during  the  applicable  warranty  period  primarily  with  customer-replaceable  parts.  A  technician  will  only  be  sent 
onsite  to  oertorm  a  repair  if  (a)  remote  telephone  diagnosis  and/or  customer  part  replacement  are  unable  to  resolve  the  problem,  or  (b)  the  part  is  one  of  the  few  designated  by  Lenovo  for  onsite  replacement.  For  a  list  of  onsite  replaceable  parts,  contact  Lenovo.  Support  unrelated  to  a  warranty 
issue  mav  be  subject  to  additional  charges  (13)  Certain  IBM”  and  ThinkPad”  logo  products:  are  not  manufactured,  warranted  or  supported  by  IBM  or  Lenovo;  IBM  and  Lenovo  logos  and  trademarks  used  under  license.  Contact  Lenovo  for  details.  TiademarkS;  The  following  are  trademarks  of 
lenovo  ThinkPad  ThinkCentre  and  UltraConnect  IBM  and  the  IBM  logo  are  registered  trademarks  of  IBM  and  are  used  under  license.  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation.  Intel,  Intel  logo,  Intel  Inside.  Intel  Inside  logo,  Intel  Centrino,  Intel  Centrlno  logs, 
PI  0:  .  .  . ,  '  I,,  cDceasteD  Itanium  and  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Other  company,  product  and  service  names  may  he  trademarks  or  service  marks  of  other  companies.  ©2005  Lenovo. 
All  rights  reserved.'  Visit  www.lenovo.com/safecomputing  periodically  for  the  latest  information  on  sate  and  effective  computing. 
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Business  Intelligence  made  a  promise:  to  make  it  simple  for  everyone  to  use  information  to  make 
better  decisions.  But,  given  your  complex  IT  infrastructure,  the  reality  of  getting  a  single  BI  standard 
in  place  across  the  company  has  been  anything  but  simple.  Until  now. 

Introducing  Cognos  8  Business  Intelligence,  the  one  solution  built  to  break  down  the  barriers  limiting 
BPs  potential.  With  a  complete  Web  Services-based  SOA.  A  simple  browser-based  interface.  A  full  range 
o!  BI  capabilities  —  reporting,  analysis,  scorecarding,  dashboarding  and  more  —  all  in  a  single  product 
and  on  a  single  architecture.  And  the  BI  foundation  for  companies  demanding  a  simpler  path  to  a  complete 
performance  management  system. 

It's  everything  BI  promised  to  be.  And  now,  it’s  here. 

To  learn  more  and  to  find  out  where  you  can  preview  Cognos  8,  go  to  cognos.com/simple 

COGNOS  8  BUSINESS  INTELLIGENCE. 


Copyright  ©  2005  Cognos  Incorporated.  All  rights  reserved. 
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QUICKSTUDY 

Podcasting 

Podcasting  is  a  way  to  publish  audio 
broadcasts  via  the  Internet  in  which  users 
subscribe  to  an  automatic  feed  of  files  that 
can  be  downloaded  to  portable  music 
players  or  PCs.  Page  34 


SECURITY  MANAGER’S  JOURNAL 

Playing  Nice  With  Physical  Security 

Mathias  Thurman  discusses  the  need  to  tread 
with  care  when  you  cross  the  line  between  the 
departments  for  physical  and  information 
security.  He  also  reviews  a  new  book  about 
dealing  with  threats  posed  by  rootkits.  Page  35 


OPINION 

Keep  Humans  in  the 
Authentication  Loop 

Cutting  the  user  out  of  deci¬ 
sions  about  how  he  can  use  his 
computer  is  a  bad  idea,  says  Mark 
Willoughby.  Page  36 
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Letterman 
Digital  Arts 
Center 


FIELD 

REPORT 


at  a 

Glance 


THE  FACILITY 

Total  project  cost:  $350  million 

Total  employees:  1,500 

Total  square  footage:  850,000 

Campus  area:  23  acres 

Employees:  1,500 

Special  effects  artists:  400 

Amount  of  data  generated  for  average  film  project: 

30TB  (120TB  for  Star  Wars:  Episode  III) 

Network  traffic:  130TB/day 


THE  U  INFRASTRUCTURE 

F*rimary  data  center:  13,500  square  feet 

Render  server  farm:  3,000  processors  on  1U  (1.75  in.  high)  and  blade  servers 

Media  data  center:  3,000  square  feet 

Storage:  146TB,  including  68TB  of  NAS  and  78TB  of  near-line  storage 

Network:  340-port,  106bit  Ethernet  backbone,  1Gbit  to  the  desktop:  more  than  600  miles  of  cable  run 

through  18-inch  raised  floors  throughout  the  campus 

Telephony:  Voice  over  IP  on  physically  isolated  network 

Building  security:  Smart  card  readers  and  video  monitoring  systems  on  physically  isolated  IP  network 


As  it  RUSHED  to  complete  work  on  Star  Wars:  Episode  III  — 

Revenge  of  the  Sith  last  February,  special  effects  company  Indus¬ 
trial  Light  and  Magic  found  itself  split  between  two  worlds.  The 
new  home  of  the  San  Rafael,  Calif.-based  studio  was  in  the  Final  phase 
of  construction  as  part  of  the  Letterman  Digital  Arts  Center  (LDAC),  a 
850,000-square-foot,  four-building  campus  in  San  Francisco’s  Presidio 
National  Park.  Two  of 
those  buildings  today 
serve  as  headquarters  for 
George  Lucas’  Lucasfilm 
Ltd.  as  well  as  its  ILM 
and  LucasArts  Entertain¬ 
ment  Co.  subsidiaries. 

ILM  had  been  given  re¬ 
sponsibility  for  moving 
IT  operations  for  all 
three  business  units.  But 
Chief  Technology  Officer 
Cliff  Plumer  was  also  in 
an  enviable  position.  His  group  had  a  rare 
opportunity  to  create  an  IT  infrastructure,  in¬ 
cluding  new  data  centers  and  the  network,  from  the 
ground  up. 

That  February,  however,  ILM  didn’t  have  the  proc¬ 
essing  power  in  its  overcrowded  data  center  in  San 
Rafael  to  finish  rendering  all  of  the  movie  frames  on 
time,  and  it  didn’t  have  the  space  for  more  servers. 

Bringing  down  the  2,500-processor  server  farm  to 
move  it  would  have  had  a  huge  impact  on  operations, 
since  it  runs  24  hours  a  day,  says  Plumer. 

Keeping  Star  Wars  fans  waiting  was  not  an  option, 

Continued  on  page  27 


CLIFF  PLUMER  got  a  rare  chance  at  ILM  to  create  an  IT  infrastructure  from  the  ground  up. 


DATA 
CENTER®  STAR 

TREATMENT 

Lucasfilm’s  new  data  center  has  the  artists  behind 
Star  Wars’  special  effects  working  at  light  speed. 

By  Robert  L  Mitchell 
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53%  INCREASE 
IN  PERFORMANCE 


sed  on  the  SPECuit  RATE2G00  benchmark  test  performed  by  Dell  labs  in  February  and  July  2005  comparing  a  Dell  PowerEdge  2850  configured  with  two  3.6GHz  w/2MB 
.ingle-core  lirfr ;  Xeon  Piocessors.  8GB  DDR-2  memory,  1x36GB  SCSI  HDD,  Windows  Server  2003  Standard  with  the  same  system  configured  with  two  2.8GHz  w/2MB  Intel 
Coal-Core  Xsort  frocessors.  Actual  performance  will  vary  based  un  configuration,  usage  and  manufacturing  variability.  Results  can  be  found  at  http://www.spec.org. 


i/wi  :’~nnot  hi;  responsible  !oi  errors  in  typography  or  photography.  Dell,  the  Dell  logo  and  PowerEdge  are  trademarks  of  Dell  Inc.  Intel,  Intel  Inside,  the  Intel  Inside  logo,  and 
ii-  -  f.-!  are  v  u  .”  larks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2005  Dell  Inc.  All  rights  reserved. 
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PERFORMANCE. 

HASSLE-FREE 

MULTI-CORE 

SERVERS. 


THE  DELL™  POWEREDGE™  1850, 
2800, 2850,  AND  THE  1855  BLADE 
SERVERS  FEATURE  DUAL-CORE 
INTEL®  XEON™  PROCESSORS  FOR 
OUTSTANDING  PERFORMANCE. 


DELLS  EASY  TO  DEPLOY 

MULTI-CORE  TECHNOLOGY. 

Get  up  to  a  53%  gain  in  performance* 
with  Dual-Core  Intel®  Xeon™  Processors 
in  Dell™  PowerEdge™  Servers.  Working 
with  your  existing  architecture  greatly 
reduces  the  number  of  system  images 
for  easier  deployment  and  management. 
It's  the  right  technology  at  the  right  time. 
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COMPUTERWORLD 


Learn  How  to  Achieve 
Storage  Networking  Success 


October  24-27,  2005  •  JW  Marriott  Grande  Lakes  Resort  •  Orlando,  Florida 


Featured  Speakers  Include: 


YURI  AGUIAR 

Senior  Partner,  Chief  Technology  Officer 
Ogilvy  &  Mather  Worldwide 


KEN  BLACK 

feywn'  Global  Storage  Achitect 
&  '  Yahoo! 

KARLTON  JOHNSON 

Lieutenant  Colonel,  U.S.  Air  Force 
US  Army  War  College,  Class  AY06 

JOSEPH  TUCCI 

President  &  CEO 
EMC  Corporation 


JAYS H REE  ULLAL 

Senior  Vice  President,  Data  Center, 
Switching  &  Security  Technology  Group 
Cisco 


The  Leading  Conference  for: 

•  IT  Management 

•  Storage  Architects 

•  IT  Infrastructure  Professionals 

•  Business  Continuity  Planning  Experts 

•  Data  Management  Specialists 

•  Network  Professionals 

To  register  or  for  more  information, 
visit  www.snwusa.com 


Attendees  at  Storage  Networking  World  Fall  2005  will  see  solutions  from  companies  including: 
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ANATOMY  OF  A  DATACENTER  MIGRATION 

Initial  planning  for  the  migration  planning  began  in  2000.  The  move  began  in  February  2005. 


LucasArts  and  ILM  IT  groups  merge. 


Bulk  of  data  center  equipment  moves  in  along  with  — 
270  ILM  artists  and  staffers.  Move  is  half-completed. 


-  New  data  center  goes  live  with  installation  of  a  500-processor  blade  server  farm. 
Industrial  Light  and  Magic  begins  rendering  across  lOGbit/sec.  fiber  link  connect¬ 
ing  two  data  centers.  Systems  begin  migrating  into  new  space. 


LucasArts  staff  moves  in.  - 

Near-line  storage  migrates  to  the  new  data  center. 


I 


Cleanup  phase:  Remaining  systems 
will  be  retired  or  redeployed. 


MSMSMBIfNMfl 


Lucasfilm  and  back-office  systems  move  in  — 
along  with  remaining  ILM  staffers. 


Continued  from  page  23 
so  ILM  bought  an  additional  250  dual¬ 
processor  blade  servers,  installed  them 
in  the  new  data  center  at  the  LDAC  20 
miles  away  and  connected  them  into 
the  render  server  farm  in  San  Rafael  by 
way  of  a  lOGbit/sec.  fiber-optic  link. 

Today  ILM  resides  in  a  quiet  setting 
with  views  of  the  Golden  Gate  Bridge. 
From  the  outside,  the  style  of  the  build¬ 
ings  is  more  in  keeping  with  the  former 
Army  base’s  heritage  than  what  one 


would  expect  for  a  high-tech  special 
effects  and  movie  production  compa¬ 
ny.  There  are  no  signs,  and  even  at  the 
main  entrance,  hidden  behind  plant¬ 
ings,  the  only  indication  of  who  occu¬ 
pies  the  buildings  is  a  statue  of  Star 
Wars  character  Yoda  atop  a  fountain. 

Inside,  everything  is  state  of  the  art. 
The  multistory  buildings  include  a 
13,500-square-foot  data  center,  18-inch 
raised  floors  that  accommodate  more 
than  600  miles  of  network  cabling,  and 


SPREADING 
THE STORAGE 
LOAD 

WITH  A  TYPICAL  MOVIE  today  generating  an 
average  of  30TB  of  data  -  Star  Wars:  Episode 
III  generated  120TB  -  storage  is  a  critical 
component  of  ILM’s  IT  infrastructure.  But 
after  moving  from  Silicon  Graphics  Inc.  multi¬ 
processor  workstations  to  Linux-based  servers 
for  rendering  movie  frames,  ILM  ran  into  seri¬ 
ous  disk  1/0  performance  issues  with  its  net¬ 
work-attached  storage  (NAS)  systems. 

“We  used  to  have  big,  32-way  machines 
that  could  process  32  frames  of  the  same  shot 
with  one  pull  of  the  data  into  memory,”  says 
system  developer  Mike  Thompson,  who  man¬ 
ages  ILM’s  networked  storage.  The  company 
migrated  to  dual-processor  Linux  servers, 
which  were  fast  and  cheap.  But  while  the 
32-way  multiprocessor  system  pulled  the  data 
across  the  network  and  into  that  system  once 
to  render  32  shots,  each  of  the  16  Linux 
servers  had  to  retrieve  its  own  copy  of  the 
data.  That  meant  pulling  16  times  the  data 
across  the  storage  network  to  do  the  same 
work.  “The  Linux  render  farm  just  destroyed 
the  storage,”  Thompson  says. 

Adding  the  SpinFS  distributed  file  system 
on  top  of  R200  network-attached  storage 
filers  from  Network  Appliance  alleviated  the 
problem  by  allowing  data  to  be  distributed 
evenly  across  all  of  ILM’s  disk  arrays.  “It  dou¬ 
bled  the  [Network  File  System]  horsepower,” 
Thompson  says.  For  files  that  are  in  especially 
heavy  demand,  Thompson  can  also  mirror 
them  across  the  arrays  to  further  increase  per¬ 
formance.  “SpinFS  brings  a  lot  of  the  stuff  you 
get  with  a  SAN  but  with  more  tricks  for  man¬ 
aging  data  [and]  a  little  bit  less  risk,”  he  says. 

The  distributed  file  system  had  another  ben¬ 
efit:  By  allowing  all  of  the  filers  to  use  a  com- 
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mon  namespace,  ILM  could  manage  the  total 
storage  pool  more  efficiently.  “You  can  only 
run  a  filer  so  full.  We  were  at  80%  [utilization] 
before.  Now  we  can  run  at  93%, ”  Thompson 
says. 

Thompson  was  initially  concerned  when 
Spinnaker  Software  Solutions,  which  makes 
SpinFS,  was  acquired  by  NetApp  last  year.  But 
the  vendor  is  improving  the  product  to  work 
with  its  own  Write  Anywhere  File  Layout  tech¬ 
nology.  The  new  version,  dubbed  Data  OnTap 
NG,  is  due  out  by  year’s  end. 

ILM  has  also  moved  to  a  more  hierarchical 
model  for  storage,  complementing  its  NAS  and 
tape  library  storage  systems  with  NetApp 
NearStore  devices  that  provide  78TB  of  rela¬ 
tively  cheap  near-line  storage  based  on  Ad¬ 
vanced  Technology  Attachment  (ATA)  technol¬ 
ogy.  “Thirty  percent  of  the  storage  is  for  shows 
that  are  done,”  Thompson  says,  but  it  takes 
time  after  a  show  wraps  for  the  artists  to  clean 
up  the  files  and  get  them  ready  for  off-line 
archiving. 

Near-line  storage  provides  a  quick  way  to 
get  the  data  off  primary  storage.  Access  is 
slower  but  still  adequate.  “It's  a  parking  lot  for 
low-throughput  data,”  Thompson  says. 

ILM's  near-line  devices  use  the  same  virtual 
namespace  as  the  rest  of  ILM’s  NAS.  That  in¬ 
creases  the  efficiency  of  storage  utilization 
while  allowing  files  to  be  rapidly  and  transpar¬ 
ently  shuttled  over  when  a  show  wraps, 
Thompson  says.  It  also  acted  as  a  temporary 
storage  space  as  the  company  moved  the  bulk 
of  its  NAS  arrays  into  its  new  headquarters. 

Thompson  also  hopes  to  add  virtual  tape 
libraries,  which  function  like  traditional  tape 
libraries  but  use  inexpensive  ATA  disk  arrays 
as  a  cache.  The  arrays  act  as  a  buffer,  holding 
data  headed  to  or  coming  from  tape.  “That’s 
the  next  thing  we  have  to  throw  technology 
at,”  he  says. 

-  Robert  L  Mitchell 
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a  3,000-square-foot  media  data  center. 
The  latter  is  capable  of  simultaneously 
delivering  high-definition  video  to  re¬ 
mote  clients  and  to  several  in-house 
viewing  spaces. 

The  main  data  center  includes  a 
3,000-processor  server  farm,  approxi¬ 
mately  150TB  of  network-attached 
storage  and  a  10  Gigabit  Ethernet  back¬ 
bone  that  may  be  the  largest  built  by 
any  company  to  date.  It  has  some  340 
10Gbit  ports  and  supports  traffic  loads 
of  130TB  per  day.  Power  and  cooling 
systems  sit  in  two  adjacent  rooms, 
which  Plumer  says  helps  to  keep  main¬ 
tenance  traffic  out  of  the  data  center. 

Going  Live 

Getting  moved  wasn’t  easy.  The  data 
center  was  ready  to  go  back  online  in 
February  when  the  new  servers  and 
other  equipment  arrived  at  the  LDAC. 
The  IT  staff  had  already  moved  in,  be¬ 
coming  the  building’s  first  tenant.  But 
the  rest  of  the  building  was  far  from 
finished.  “We  had  to  wear  hard  hats 
and  goggles”  during  those  first  weeks, 


recalls  network  engineer  Mike  Runge. 

With  all  the  construction,  finding  a 
place  to  store  equipment  shipments  — 
dual-Opteron  Titan64  Superblades 
from  Angstrom  Microsystems  Inc.  and 
networking  gear  from  Foundry  Net¬ 
works  Inc.  —  was  tough.  “It  was  hard  to 
find  a  room  that  would  lock  and  be  free 
of  dust,”  Runge  says.  Once  the  equip¬ 
ment  was  unboxed,  however,  the  instal¬ 
lation  took  Angstrom  technicians  just 
two  hours,  says  Lalit  Jain,  Angstrom’s 
CEO. 

“Within  seconds  of  powering  [the 
servers]  up,  they  were  processing  an 
image,”  Plumer  says.  Since  then,  the 
rest  of  the  data  center  equipment  has 
moved  over.  The  bulk  of  it  arrived  in 
mid-August,  when  ILM’s  400  artists  and 
other  staffers  began  moving  in. 

ILM’s  move  is  part  of  a  corporate 
consolidation  that  also  includes  video 
game  maker  LucasArts  as  well  as  Lu¬ 
casfilm.  Some  1,500  people  work  in  the 
new  facility. 

Moving  LucasArts  and  Lucasfilm  was 
Continued  on  page  29 


The  real  world  operates  in  real  time  —  so  should  your  conference 
technology.  For  fast,  easy,  and  intuitive  collaboration,  look  to 
Polycom  for  solutions.  To  learn  more  about  our  real-time  offerings, 
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Continued  from  page  27 
fairly  straightforward,  says  Kevin  Clark, 
director  of  IT  operations.  ILM  was  more 
difficult.  “The  infrastructure  is  much 
more  complex,”  he  says. 

Net  Gains 

The  LDAC  project  gave  Plumer’s  team 
a  unique  opportunity  to  rebuild  its  IT 
infrastructure  from  scratch.  The  team 
started  by  interviewing  users  on  their 
needs,  says  Gary  Meyer,  systems  engi¬ 
neer  and  project  manager.  From  there, 
a  narrative  description  of  the  technical 
infrastructure  was  developed  and  giv¬ 
en  to  the  design  teams. 

“The  biggest  key  is  the  networking 
infrastructure,”  says  Plumer. 

“This  industry  tends  to  be  a  good  10 
years  ahead  of  general  business  in 
terms  of  critical  network-capacity 
needs  and  capability,”  says  Rob  Ender- 
le,  principal  at  Enderle  Group  in  San 
Jose.  ILM  “will  probably  be  passed  rel¬ 
atively  quickly,  given  [that]  this  need 
crisscrosses  their  industry.” 

The  architecture  consists  of  three 
networks:  one  for  a  new  voice-over-IP 
telephone  network  and  two  separate 
10Gbit  network  cores.  One  is  for  video 
in  the  media  data  center,  and  the  other 
is  for  the  main  data  center,  which  han¬ 
dles  the  render  server  farm  and  back¬ 
end  business  systems.  A  10Gbit  fiber 
backbone  runs  from  the  data  centers 
to  each  building  and  out  to  the  distrib¬ 
ution  closets.  All  employees  now  have 
lGbit/sec.  connections,  up  from 
lOOMbit/sec.  in  the  old  facilities.  ILM 
also  pulled  fiber  to  each  artist  work¬ 
station.  “Putting  the  fiber  in  gives  us 
the  ability  to  go  to  10  gigabits  or 
greater  to  the  desktop,”  Meyer  says. 

Meyer  won’t  be  surprised  if  ILM’s 
artists  max  out  their  1Gbit  connections 
within  a  year.  Between  downloading 
very  large  files  and  streaming  high- 
definition  video  to  the  desktop,  they 
could  start  to  fill  up  the  pipe,  he  says. 

Those  kinds  of  anticipated  band¬ 
width  demands  resulted  in  very  strict 
requirements  for  network  equipment, 
says  Runge.  “We  spent  months  doing  a 
bake-off  between  several  vendors,”  he 
says.  Foundry  won  because  it  dropped 
the  fewest  packets  —  a  critical  metric 
for  an  organization  that  needs  to  run 
multiple  high-definition  video  streams. 


MANAGING  CHAOS 

How  ILM’s  IT  staff  managed  a  move  of  users’ 
workstations  and  IT  equipment  into  a  new  building: 

QuickLink  56599 


High-Visibility  Storage:  How  ILM  handled  its 
storage  needs  as  it  migrated  data: 

O  QuickLink  56879 
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While  the  new  buildings  gave 
Plumer  a  blank  slate  for  a  new  data 
center,  the  need  for  more  space  wasn’t 
the  biggest  issue.  “It’s  more  about  pow¬ 
er  and  cooling,”  he  says.  During  the 
data  center’s  design  phase,  heat  and 
power-density  requirements  for  IT 
equipment  rose  faster  than  anyone  ex¬ 
pected.  The  original  design  called  for 
200  watts  per  square  foot. 

“Partway  through  the  process,  we 
threw  up  a  flare  and  said,  ‘We  think 
we’ve  made  a  mistake.  We  think  we 
should  design  for  400  watts  per  square 
foot.’  And  we  were  basically  laughed 
out  of  the  room,”  says  Meyer.  Today, 
the  room  supports  330  to  340  watts  per 
square  foot  and  could  easily  consume 
400,  he  says. 

One  major  reason  for  the  increase 
was  the  server  farm  used  to  render 
movie  images  frame  by  frame.  As  ILM 
has  adopted  blade  servers,  power  den¬ 
sity  has  gone  up  from  10  kilowatts  per 
rack  a  few  years  ago  to  nearly  20  kilo¬ 
watts  for  its  blade  servers  today.  ILM 
adjusted  the  original  data  center  design 
but  still  has  had  to  spread  out  blade 
servers  to  dissipate  heat.  “It’s  a  con¬ 
stant  job  of  balancing  the  room,” 
Plumer  says. 

Data  on  the  Move 

Handling  storage  needs  during  the 
transition  was  another  challenge.  ILM 
had  18  Network  Appliance  Inc.  R200 
filers  connected  to  68TB  of  storage  in 
San  Rafael.  Those  arrays  needed  to  be 
online  around  the  clock  in  order  to 
feed  files  to  the  render  server  farm. 

ILM  was  also  using  SpinFS  from 
Spinnaker  Software  Solutions,  a  dis¬ 
tributed  file  system  that  virtualizes 
storage  and  establishes  a  single,  uni¬ 
fied  namespace  that  all  of  the  filers 
use.  SpinFS  eliminated  a  performance 
bottleneck  that  resulted  when  many 
machines  in  the  render  farm  requested 
the  same  data  at  the  same  time. 

ILM  uses  the  technology  to  distrib¬ 
ute  the  data  across  multiple  disk  arrays, 
says  systems  developer  Mike  Thomp¬ 
son.  ILM  also  used  it  to  migrate  data 
between  San  Rafael  and  the  LDAC. 

Thompson  added  another  78TB  of 
near-line  storage  and  deployed  another 
10  R200s  running  SpinFS  in  the  LDAC. 
Then  he  connected  them  over  the 
10Gbit  link  to  the  arrays  in  San  Rafael. 
“No  matter  which  [end]  you  are  on, 
you  see  all  the  storage,”  he  says.  Using 
the  near-line  storage  as  a  buffer, 
Thompson  pulled  arrays  out  of  the 
storage  pool  in  San  Rafael  and  recon¬ 
nected  them  in  the  LDAC  without  dis¬ 
rupting  operations.  It’s  now  used  as  a 
place  to  store  completed  projects  until 


the  data  is  ready  for  migration  to  tape. 

Once  the  last  staffers  and  equipment 
from  the  three  organizations  are  finally 
moved  in,  the  data  center  will  be  at 
about  60%  of  capacity,  Plumer  says. 
The  infrastructure  design,  as  deployed, 
is  supposed  to  last  five  years.  Already, 
however,  the  IT  staff  is  anticipating 
new  needs. 

“We’re  migrating  production  to  64- 


bit,”  says  Plumer,  which  means  swap¬ 
ping  out  older  servers  for  units  with 
dual-core  Opteron  processors.  And  the 
film  industry  could  be  moving  to  4K 
frames,  which  would  double  the  stor¬ 
age  requirements. 

“We’ll  stay  at  68TB  for  a  year  or 
two,”  Thompson  predicts.  “But  as 
shots  get  more  complex  . . .  it’s  hard  to 
tell.”  O  56362 
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CONSOLIDATION 
OF  CULTURES 

MOVING  ILM,  LucasArts  and  Lucasfilm  into  a 
single  building  allowed  for  greater  IT  efficien¬ 
cies,  but  different  IT  architectures  and  cul¬ 
tures  needed  to  be  merged  as  well. 

The  process  of  combining  the  organiza¬ 
tions'  1,500  employees  began  with  the  two  IT 
groups,  which  merged  as  the  project  started. 
The  business  units  have  very  different  cul¬ 
tures  and  take  different  approaches  to  IT, 
says  Kevin  Clark,  director  of  IT  operations. 
While  LucasArts  tends  to  use  available  IT 
products,  ILM  develops  more  of  its  own  tools 
in-house.  “We  have  to  do  a  better  job  partner¬ 
ing  with  R&0  and  engineering  to  support 
those  [in-house  tools],”  Clark  says. 

“It’s  difficult.  We're  still  going  through 
some  growing  pains,”  he  says,  as  the  con¬ 
verged  group  learns  to  support  the  IT  systems 
used  by  both  businesses. 

One  challenge,  for  example,  has  been  to 


properly  set  expectations  in  an  environment 
where  most  IT  equipment  is  used  for  produc¬ 
tion  and  every  failure  is  considered  a  crisis. 
“When  things  aren't  working,  there’s  a  real 
urgency  to  get  them  addressed,”  Clark  says. 
But  IT  still  must  prioritize.  “I’ll  be  enforcing 
how  we  set  expectations  within  those  pro¬ 
duction  units,”  he  says. 

The  companies  also  use  different  desktop 
and  server  systems.  “LucasArts  is  Windows- 
based,  and  ILM  is  Linux-based,  right  down  to 
the  desktop.  Just  bringing  that  together  - 
there  were  a  lot  of  challenges,”  Clark  says. 
While  the  end-user  environment  remains  a 
hybrid,  some  back-end  systems  have  already 
consolidated.  The  e-mail  system,  for  exam¬ 
ple,  is  now  officially  Microsoft  Exchange 
Server. 

Clark  is  already  prioritizing  other  projects. 
“We’ll  start  to  focus  next  year  on  service  lev¬ 
els  and  trying  to  weigh  what’s  most  critical,” 
he  says. 

-  Robert  L.  Mitchell 
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Congratulations  to  this 
year’s  “Best  Practices” 
Award  Recipients! 

The  “Best  Practices  in  Business 
Intelligence”  Award  Recipients 

were  honored  Wednesday, 

September  28th. 

Computerworld’s  Business  Intelligence  Perspectives  proudly 
presents  the  second  “Best  Practices  in  Business  Intelligence” 

Awards  Program,  honoring  top  IT  user  “best  practice”  case  studies 
selected  from  a  field  of  qualified  finalists. 


A.COMPUTERWORLD 

BUSINESS  INTELLIGENCE  PERSPECTIVES 

Best  Practices 

IN  BUSINESS  INTELLIGENCE 


AWARDS  PROGRAM 


AWARDS  PROGRAM  EXCLUSIVELY  SPONSORED  BY 

ORACLE 


Award  Recipients  in  each  of  the  following  categories  are: 


Creating  a  Bi  Vision  and  Strategies 
for  Improved  ROI 

Award  Recipients: 

•  Bacardi  U.S.A.  Inc.,  Miami,  Florida 

•  Hospital  Corporation  of  America  (HCA,  Inc.),  Nashville,  Tennessee 

Data  Visualization,  Prediction  and 
Presentation  by  Leveraging 
Customized  Solutions 

Award  Recipients: 

•  APEX  Management  Group,  Princeton,  New  Jersey 

•  JPMorgan  Chase,  New  York,  New  York 

Information  Retrieval  and  Reporting 
by  Leveraging  Off-the-Shelf 
Enterprise  Software 

Award  Recipients: 

•  Communications  Electronics-Life  Cycle  Management  Command  Acquisition 
Center,  Fort  Monmouth,  New  Jersey 

•  Intermountain  Health  Care,  Salt  Lake  City,  Utah 

Managing  and  Enhancing 

Bi  Applications  and  Infrastructure 

Award  Recipients: 

•  AT&T,  Middletown,  New  Jersey 

•  University  of  Minnesota,  Minneapolis,  Minnesota 

Planning,  Designing  and  Building 
the  BI  Infrastructure 

Award  Recipients: 

•  Amgen,  Inc.,  Thousand  Oaks,  California 

•  Export  Development  Canada  (EDC),  Ottawa,  Canada 
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RESEARCHERS  AT  MIT  have  mapped  a 
city  in  real  time  by  tracking  tens  of  thousands  of 
people  traveling  about  carrying  cell  phones. 

Using  anonymous  cell  phone  data  provided 
by  Austrian  cell  phone  operator  Al/Mobilkom, 
the  researchers  developed  the  Mobile  Land¬ 
scapes  project,  creating  electronic  maps  of  cell 
phone  use  in  the  metropolitan  area  of  Graz, 
Austria’s  second-largest  city. 

The  project  used  three  types  of  data  - 
the  density  of  cell  phone  calls,  the  origins  and 
destinations  of  the  calls,  and  the  positions  of 
users  tracked  at  regular  intervals  -  to  create 
computer-generated  images  that  can  be 
overlaid  on  one  another  and  with  geographic 
and  street  maps  to  show  the  peaks  and 
valleys  of  the  landscape  as  well  as  peaks  in 
cell  phone  use. 

"For  the  first  time,  we  are  able  to  visualize  the 


full  dynamics  of  a  city  in  real  time,”  says  project 
leader  Carlo  Ratti,  an  architect/engineer  and 
head  of  MIT’s  Senseable  City  Laboratory.  “This 
opens  up  new  possibilities  for  urban  studies 
and  planning.  The  real-time  city  is  now  real.’’ 

The  research  could  also  have  implications 
for  use  in  large-scale  emergencies  and  for 
transportation  engineers  seeking  ways  to  bet¬ 
ter  manage  freeway  traffic,  according  to  Ratti. 


One  Genome 
Cornin'  Right  Up 

A  new  computational  tool  developed  at  the  U.S. 
Department  of  Energy’s  Pacific  Northwest  National 
Laboratory  (PNNL)  is  speeding  up  our  understand¬ 
ing  of  the  machinery  of  life  -  which  could  bring 
researchers  one  step  closer  to  curing  diseases, 
finding  safer  ways  to  clean  the  environment  and 
protecting  the  country  against  biological  threats. 


ScalaBlast  is  a  sophisticated  “sequence  align¬ 
ment  tool”  that  can  divide  the  work  of  analyzing  bio¬ 
logical  data  into  manageable  fragments  so  that 
large  data  sets  can  run  on  many  processors  simul¬ 
taneously.  With  this  technology,  large-scale  prob¬ 
lems  -  such  as  the  analysis  of  an  organism  -  can  be 
solved  in  minutes,  rather  than  weeks. 

In  order  to  get  answers  to  complicated  biological 
questions  more  quickly,  researchers  at  the  PNNL 
“parallelized”  the  software  using  the  powerful  Glob¬ 
al  Arrays  programming  tool  kit  to  create  algorithms 
to  divvy  up  the  work. 


DIFFERENCE  ENGINES 


Get  With 
The  Program 

■T~  ; TJ*  IN  1941,  Konrad  Zuse, 
a  German  who  had  already 
developed  a  number  of 
m ||  calculating  machines,  re- 

vg#  leased  his  Z3  machine, 
which  was  designed  to 
solve  complex  engineering  equations.  The 
Z3,  the  first  modern  programmable  computer, 
was  controlled  by  perforated  strips  of  discard¬ 
ed  movie  film.  It  was  also  the  first  machine  to 
work  on  the  binary  system,  as  opposed  to  the 
more  familiar  decimal  system,  making  it  the 
true  precursor  of  the  modern  computers 
used  today. 

Binary  representation  proved  important  in 
the  future  design  of  computers  that  took  ad¬ 
vantage  of  a  multitude  of  two-state  devices 
such  as  card  readers,  electric  circuits  that 
could  be  on  or  off,  and  vacuum  tubes. 

In  1946,  Zuse  founded  the  first  pure  com¬ 
pute  start-up  company,  Zuse-lngenieurburo 


Hopferau.  He  laterfounded  another  company, 
Zuse  KG,  which  in  September  1950  became 
the  first  manufacturer  in  the  world  to  sell  a 
computer,  the  Z4.  Zuse  KG’s  Z22  was  the  first 
computer  with  a  memory  based  on  magnetic 
storage. 

Zuse  generated  ripples  in  the  scientific 
pond  in  1967  when  he  suggested  that  the  uni¬ 
verse  itself  is  running  on  a  grid  of  computers. 
His  1969  book  RechnenderRaum(  translated 
at  MIT  as  Calculating  Space)  expanded  on 
the  idea  and  was  the  obvious  precursor  to 
Stephen  Wolfram's  attention-grabbing  2002 
book,  A  New  Kind  of  Science, 

. . 
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PNNL  researchers  say  ScalaBlast  may  be  used 
to  process  complex  genomic  sequences  -  work 
that’s  essential  to  understanding  the  building 
blocks  of  genomes  and  how  they  work  and  fit  to¬ 
gether.  Genomes  represent  an  organism’s  entire 
DNA,  including  its  genes. 

Before  ScalaBlast  was  available,  it  took  re¬ 
searchers  10  days  to  analyze  one  organism. 

Now,  they  can  analyzed  organisms  in  nine  hours. 
O  56880 
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ScalaBLAST 


ScalaBlast  calculation  capacity  compared 

with  8last,  a  conventional  algorithm 
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Wait  until  you  see  how  impressive  you  look  on  Polycom  video 
conferencing  systems.  They're  intuitive,  cost-effective,  work  with 
your  infrastructure,  and  make  you  look  like  a  star.  To  learn  more, 
sit  back  and  enjoy  the  show  at  polycom.com/experience 
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IBM  eServer™  xSeries 


TECHNOLOGY  THAT  GETS  YOU 

■  ’S 


Affordable,  reliable,  easy  to 


manage;  eServer  xSeries  with  Intel®  Xeon™  Processors 


IBM  eServer  xSeries  226  Express 

An  entry-level  2-way  server  that 
offers  the  reliability  and 
performance  needed  for  day-to- 
day  computing.  Easy  to  set  up 
and  deploy,  with  access  to  all 
major  system  components. 

System  features 

Up  to  two  Intel®  Xeon™ 
Processors  3GHz/2MB 

Two-way  tower  with 
rack  capability 

Up  to  6  hot-swappable 

SCSI  hard  disk  drives  _ 

Integrated  RAID  0,1 
Limited  warranty:  up  to  3 
years  on-site3 

From  $1,6394* 

(Other  configurations  as  low  as  $1,229) 

IBM  Financing  Advantage 

Only  $46  per  month5 


IBM  eServer  xSeries  346  Express 

Help  maximize  performance  and 
improve  availability  in  a  rack 
dense  environment  with 
Xtended  Design  Architecture™ 
Includes  Calibrated  Vectored 
Cooling,  an  IBM  innovation  that 
helps  increase  uptime. 

System  features 

Up  to  two  Intel®  Xeon™ 
Processors  3GHz/2MB 

Two-way  2U  rack  server 

Up  to  16GB  DDR2  memory 
using  8  DIMM  slots  with 
enhanced  memory 

Limited  warranty: 

3  years  on-site3 

From  $3,3154* 

(Other  configurations  as  low  as  $2,219) 

IBM  Financing  Advantage 

i  Only  $93  per  month5 


IBM  eServer  xSeries  260  Express 

IBM’s  newest  third-generation 
Enterprise  X-Architecture® 
server.  Designed  for  companies 
looking  for  database,  e-mail, 
Web/e-commerce  or  consolidated 
application  serving. 

System  features 

Up  to  four  64-bit  Intel®  Xeon™ 
Processors  MP,  up  to  3.66GHz 

Four-way  tower  or  7U  rack 
capability 

Up  to  3.6TB  hot-swappable 
SAS  (serial  attach  SCSI) 
hard  disk  storage 

Up  to  64GB  of  memory  with 
advanced  memory  protection 

Limited  warranty:  3  years  on-site3 

From  $5,3994* 

(Other  configurations  as  low  as  $4,599) 

!BM  Financing  Advantage 

Only  $151  per  month5 
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Flexible  and  easy  to  use 


IBM  eServer  BladeCenter  HS20  Express 

Offers  extreme  flexibility  and 
scalability,  plus  it  helps  to 
consolidate  and  simplify  your 
infrastructure.  Helps  reduce 
power  consumption  and  save 
valuable  floor  space. 


System  features 

Up  to  two  Intel®  Xeon™ 
Processors  3.20GHz/2MB 
Up  to  14  blades  per  chassis 
Supports  both  32- 

and  64-bit  applications 
IBM  Director- 
Limited  warranty: 

3  years  on-site3 


From  $2,8994* 

(Other  configurations  as  low  as  $1,669) 

IBM  Financing  Advantage 

Only  $81  per  month5 


IBM  TotalStorage®  Simplify  storage  management  to  improve  productivity 


IBM  TotalStorage  DS300  Express 

This  entry-level,  cost-effective  iSCSI  host- 
attached  storage  system  utilizes  your  existing 
network  infrastructure  to  deliver  advanced 
functionality.  Provides  an  exceptional  SAN 
storage  solution  with  xSeries  servers  for 
e-mail/file/print. 


System  features 

3U  rack  mount  entry-level 
with  two  controllers 

Support  for  up  to  14 

Ultra320  SCSI  disk  drives 


Starts  at  584GB  / 
scales  to  4.2TB6 
Limited  warranty:  1  year 
on-site3 


From  $6,4554*  IBM  Financing  Advantage 

(Other  configurations  as  low  as  $2,995)  Only  $180  per  month5 


‘All  prices  are  IBM's  estimated  retail  selling  prices  as  of  September  13. 2005.  Prices  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller  prices  to  end  users  may  vary  Products  are  subject  to  availability.  This  document  was  developed  tor  offerings 
in  the  United  States.  IBM  may  not  oiler  the  products,  features,  or  services  discussed  in  this  document  in  other  countries.  1.  IBM  Director  is  not  available  on  TotalStorage  products.  2.  IBM  Director  must  be  installed.  Products  included  in  IBM  Express  Servers  and  Storage  may 
also  be  purchased  separately.  3.  Telephone  support  may  be  subject  to  additional  charges.  For  on-site  labor,  IBM  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before  sending  a  technician.  On-site  warranty  is  available  only  for  selected  components  4.  Prices  subject 
to  change  without  notice.  Starting  price  may  not  include  a  hard  drive,  operating  system  of  other  features.  Contact  your  IBM  representative  or  IBM  Business  Partner  for  the  most  current  pricing  in  your  geography,  5.  IBM  Global  Financing  offerings  are  provided  through  IBM 


USED  TO  SAYING: 
UNDER  CONTROL.” 

IBM  Express  Servers  and  Storage  tor  mid-sized  business. 

r|  Know  an  IT.  person  who  doesn’t  like  to  hear  that  “everything’s  under  control”? 
h  We  don’t.  That’s  why  we  offer  an  innovative  management  tool  called  IBM 

Director  that  can  alert  your  I.T.  people  to  potential  problems  up  to  48  hours  in 
:  advance.1 

|  And  our  Calibrated  Vectored  Cooling  on  select  xSeries®  servers  helps  cool  your 
systems  more  efficiently.  Packing  more  servers  into  a  single  rack.  Helping  to 
save  space,  energy,  money. 

With  IBM  Express,  innovation  comes  standard.  That’s  true  for  servers,  storage 
and  printers.  Your  local  IBM  Business  Partner  can  tell  you  more.  And  remember, 
you  can  keep  your  technology  current  while  helping  to  reduce  costs  -  through 
IBM  Global  Financing. 

Excited?  No  need  to  control  yourself.  Get  started  today. 


Save  time.  Save  costs.  Save  the  day!  (Optimize  your  I.T) 

ibm.com/systems/innovate1 

1  8O0-IBM-7777  mention  104CE04A 


IBM  TotalStorage  DS400  Express 

Exceptional  entry-level  solution  for  workgroup 
storage  needs.  With  advanced  functionality, 
the  DS400  supports  xSeries  servers  and 
utilizes  hot-swap  Ultra320  SCSI  drives  for 
high  reliability. 


System  features 

3U  rack  mount  entry-level  with  up  to  Starts  at  584GB  /  scales  to  12TB6 
two  controllers 

2GB  Fibre  Channel  storage  systems  Limited  warranty:  1  year  on-site3 
area  network  (SAN) 

From  $8,495  *  IBM  Financing  Advantage 

(Other  configurations  as  low  as  $4,995)  Only  $237  per  month5 
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Podcasting 

DEFINITION 

Podcasting  is  a  method  of  publishing  audio  broadcasts  via  the 
Internet  in  which  users  subscribe  to  an  automatic  feed  of  new 
files  for  subsequent  downloading  to  and  playback  on  portable 
music  players  or  PCs.  Podcasting  differs  from  other  types  of 
online  media  distribution  in  that  it’s  organized  on  a  subscription 
model,  using  automatic  feeding  mechanisms  (typically  RSS)  to 
deliver  enclosed  files. 


QUII 
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BY  RUSSELL  KAY 

When  Apple  Comput¬ 
er  Inc.  introduced 
its  handheld  music 
player,  the  iPod,  in 
2001,  few  anticipated  that  it 
would  spawn  —  and  even  give 

its  name  to  —  a  new  - 

public  medium  for  in¬ 
formation  dissemina¬ 
tion.  But  in  little  more 
than  a  year  since  it 
first  hit  national  con¬ 
sciousness  in  the  fall 
of  2004,  podcasting  has  be¬ 
come  a  significant  channel  for 
distributing  audio  materials. 

Podcasting  marks  both  the 
expansion  of  radio/audio  pub¬ 
lishing  (with  video  likely  to 
join  them  soon)  into  a  pop¬ 
ulist,  subscriber-based  medi¬ 
um  and  the  freeing  of  such 
programming  from  the  stric¬ 
tures  of  real-time  listening. 

Podcasts  started  out  as 
short  bits  from  individual 
bloggers.  Today,  podcasts  are 
available  from  many  commer¬ 
cial  broadcast  and  publishing 
concerns,  including  newspa¬ 
pers,  television  networks,  Na¬ 
tional  Public  Radio,  the  BBC, 
magazines  and  various  other 
informational  Web  sites. 

The  term  itself,  made  by 
combining  “iPod”  and  “broad¬ 
casting,”  encompasses  three 
distinct  elements: 

1.  PROGRAMMING:  Podcasters 
create  audio  programs,  usually 
in  the  form  of  MP3  files, 
which  they  upload  to  Web 
sites.  Anyone  with  a  computer 
and  a  microphone  can  now 
create  audio  programming. 
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Podcasts  range  in  format 
from  crude,  bloglike  individ¬ 
ual  diaries  featuring  personal 
rants  and  ramblings  to  slick, 
professionally  produced  inter¬ 
views  and  discussions  and  re¬ 
distributed  programming  from 

-  commercial  and  public 

broadcasting  organiza¬ 
tions.  The  subjects  of 
podcasts  cover  the 
gamut  of  human  inter¬ 
est  and  experience. 
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2.  PUBLICATION  AND  SUBSCRIP¬ 
TION:  This  takes  place  via  Web 
sites  that  index  and  facilitate 
the  finding  of  and  subscrip¬ 
tion  to  podcasts  according 

to  subject  matter,  source, 
creator,  metadata  tags  and 
other  criteria.  Podcasting  dif¬ 
fers  from  other  types  of  online 
media  distribution  in  that  it’s 
largely  organized  on  a  sub¬ 
scription  model,  using  auto¬ 
matic  feeding  mechanisms 
(such  as  RSS  or  Atom;  see 
the  QuickStudy  at  QuickLink 
46266)  to  deliver  files  to 
audiences. 

In  addition,  a  number  of 
Web  sites  now  catalog  thou¬ 
sands  of  available  podcasts, 
which  the  user  can  download 
or  subscribe  to  with  a  simple 
click. 

3.  PLAYBACK:  A  user  simply 
downloads  a  podcast  to  his 
computer  and  subsequently 
transfers  it  (often  automatical¬ 
ly)  to  an  iPod  or  other  music 
player  for  listening  to  at  his 
convenience  and  not  the 
broadcaster’s  schedule.  VCRs 
and  then  TiVo  liberated  televi¬ 


sion  viewers  from  having  to 
adhere  to  broadcasters’  sched¬ 
ules.  Now,  podcasting  has 
extended  such  capability  to 
mobile  players  for  audio  and 
radio  programming. 

Access  is  simplified  by  sub¬ 
scription  and  by  the  automatic 
transfer  of  downloaded  pod¬ 
casts  from  a  computer  to  a 
portable  music  player  when 
the  player  is  docked. 

Origins 

Blogging  software  and  the  au¬ 
tomatic  feed  mechanism  RSS 
first  came  together  in  2001, 
when  Adam  Curry,  Tristan 
Louis  and  Dave  Winer  added 
the  ability  to  enclose  elements 


to  Winer’s  Radio  Userland 
weblog  aggregator. 

In  2003,  Stephen  Downes 
began  aggregating  and  distrib¬ 
uting  audio  files  in  his  Ed 
Radio  site  ( www.downes.ca/ 
ed_radio.htm ),  and  talk-show 
host/journalist  Christopher 
Lydon  started  publishing  on¬ 
line  audio  interviews  (http:// 
blogs.law.harvard.edu/lydon). 

In  August  2004,  Curry,  a  for¬ 
mer  MTV  video  jockey,  began 
distributing  a  daily  MP3  audio 
blog,  “The  Daily  Source  Code.” 
Curry  now  offers  a  number  of 
podcast-related  resources  on¬ 
line  and  on-air,  including 
“Adam  Curry’s  PodShow”  on 
Sirius  Satellite  Radio  and  the 
iTunes  PodFinder  guide  to 
podcasts. 

Curry  also  created  iPodder 
( http://ipodder.sourceforge . 
net),  which  was  the  first  pod¬ 
casting  aggregator. 

The  term  podcasting  evi¬ 
dently  first  appeared  in  a  Feb¬ 
ruary  2004  article  by  Ben 
Hammersley  in  the  British 
newspaper  The  Guardian.  By 
October  2004,  detailed  how-to 
podcast  articles  had  begun  to 
appear  online. 

Podcasting  has  taken  off 
faster  than  many  other  phe¬ 
nomena.  In  2004,  blogger  and 
technology  writer  Doc  Searls 
( http://doc.weblogs.com )  start¬ 
ed  tracking  the  number  of  ref¬ 


erences  to  podcasts  found  by 
Google  Inc.  On  Sept.  28,  2004, 
there  were  24  hits.  Five  days 
later,  that  number  was  up  to 
2,750,  and  it  was  over  100,000 
in  three  weeks.  As  this  para¬ 
graph  is  being  written  in  Sep¬ 
tember  2005,  Google  returns 
56,900,000  hits. 

In  June  2005,  Apple  an¬ 
nounced  support  for  podcasts 
in  its  iTunes  software,  with 
distribution  through  its  iTunes 
Music  Store.  Within  two  days, 
customers  had  subscribed  to 
over  1  million  podcasts  from 
Apple’s  then-available  3,000 
selections. 

At  this  writing,  iTunes 
offers  8,828  distinct  podcast 
sources,  while  www.podcast. 
net  lists  11,552  choices. 

©  56922 

Kay  is  a  Computerworld  con¬ 
tributing  writer  in  Worcester, 
Mass.  You  can  contact  him  at 
russkay@charter.net. 

PERSONAL  PODCASTING 

For  a  primer  on  how  you  can  start  using 
podcasts,  go  to  our  Web  site: 

O  QuickLink  57099 

www.computerworld.coni 

Are  there  technologies  or  issues  you’d  like 
to  learn  about  in  QuickStudy?  Send  your 
ideas  to  quickstudy@computerworld.com 

To  find  a  complete  archive  of  our 
QuickStudies,  go  online  to 

Ocomputerworld.com/quickstudies 


Purposes  for  Podcastinj 


With  its  subscription  and  search-engine-aided  distribution,  podcasting  is  a  fine  example  of  niche  marketing  to  specialized 
audiences  and  interest  groups.  From  its  initial  use  by  individuals  to  create  their  own  “radio”  programs  or  audio  blogs,  pod¬ 
casting  is  now  used  for  a  number  of  purposes,  including  the  following: 

■  As  a  means  of  avoiding  regulation  from  bodies  such  quire  the  rental  and  maintenance  of  specialized  audio 

as  the  U.K.’s  Office  of  Communications  or  the  U.S.’s  equipment.  These  “musecasts”  may  be  authorized 
Federal  Communications  Commission,  which  restrict  audio  tours  or  unofficial  guides  produced  by  people 
what  can  be  broadcast  in  traditional  media.  or  organizations  unconnected  with  the  museum. 

■  As  a  vehicle  for  adding  audio  content  to  school  ■  As  an  outlet  for  publishers  and  broadcasters  to  dis- 

homework  assignments,  such  as  foreign-language  tribute  audio  to  supplement  news  and  entertainment 

and  other  curricula  created  by  the  Musselburgh  stories  and  programs.  For  example,  TV  producer  Ron 

Grammar  School  in  Scotland  ( http://mgsonline.blogs .  Moore  has  created  commentary  podcasts  for  each 

com/mgspodcast).  new  episode  of  the  SciFi  Channel’s  Battlestar  Galac- 

. . . : ; . ;  ;; . . .  tica(www.scifi.com/battlestar/downloads/podcasf). 

■  As  a  way  to  provide  public  access  to  government  0ther  ^  shows  have  sjnce  set  up  sjmj|ar  podcasts. 

officials,  candidates  and  political  parties,  and  as  a  . 

vehicle  for  disseminating  information  and  propagan-  ■  As  a  means  of  circumventing  mainstream  media, 
da  and  working  around  government  control.  The  5,500  locked-out  editors,  journalists,  techni- 

■  As  a  means  of  spreading  religious  messages  and  cians,  hosts  and  other  staffers  of  the  Canadian 

sermons  (sometimes  called  Godcasts).  Religion  and  Broadcasting  Corp.  are  podcasting  news  and 
spirituality  is  the  second-biggest  single  category  in  other  programming  through  http://cbcunplugged. 
Apple’s  podcast  listings,  behind  music.  blogware.com/blog/Podcasts. 

■  As  an  alternative  to  guided  museum  tours  that  re-  Adapted  from  Wikipedia  ( http://en .  wikipedia.org/wiki/Podcasting). 
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Playing  Nice  With 
Physical  Security 

There’s  a  fine  line  between  a  company’s 
security  departments,  and  you  have  to  be 
careful  in  crossing  it.  By  Mathias  Thurman 


T  A  SMALL  COMPANY, 
the  information  securi¬ 
ty  manager  is  some¬ 
times  also  responsible 
for  physical  security.  At  very 
large  corporations,  the  physi¬ 
cal  security  —  sometimes 
called  safety  and  security  —  is 
a  completely  separate  depart¬ 
ment,  responsible  for  hard¬ 
ware  such  as  biometric  ID  or 
badge  systems,  security  cam¬ 
eras  and  the  manage¬ 
ment  of  guards.  Safe¬ 
ty  and  security  de¬ 
partments  handle 
investigations  of 
physical  breaches, 
such  as  theft,  and 
workplace  violence. 

Typically,  the  managers  and 
staff  assigned  to  the  physical 
security  department  have 
completely  different  back¬ 
grounds  from  their  counter¬ 
parts  in  information  security 
and  have  a  different  set  of 
skills.  One  group  deals  in 
things  like  the  Reid  interview 
technique,  proximity  device 
criteria  and  perimeter  securi¬ 
ty,  and  the  other  in  things  like 
routing,  Unix  administration, 
buffer  overflows,  span  ports 
and  rogue  access  points.  In 
short,  these  two  staffs  speak 
different  languages. 

Don’t  get  me  wrong  —  in¬ 
formation  security  and  physi¬ 
cal  security  must  work  side 
by  side.  In  my  case,  I  will  be 
working  very  closely  with  the 
physical  security  manager  on 
many  of  the  intellectual  prop¬ 
erty  initiatives  I’ve  been  asked 
to  tackle.  We’ve  already  devel¬ 
oped  a  strong  relationship, 
but  in  every  organization  big 
enough  to  have  separate  secu¬ 
rity  departments,  it’s  neces¬ 
sary  to  draw  a  line  in  the  sand. 
For  some  companies,  the  line 


is  thick  and  definitive,  while  in 
others,  it’s  very  thin.  But  in  ei¬ 
ther  case,  when  you  cross  the 
line,  you  can  create  problems 
for  the  guy  on  the  other  side. 

As  I’ve  mentioned  in  previ¬ 
ous  installments,  I  recently 
took  a  position  as  the  informa¬ 
tion  security  manager  at  a  fair¬ 
ly  large  company.  Prior  to  my 
arrival,  there  hadn’t  been  a 
dedicated  information  securi¬ 
ty  manager  on  staff 
for  almost  a  year.  In 
the  interim,  infor¬ 
mation  security  re¬ 
sponsibilities  were 
absorbed  by  other 
departments.  It  was 
sensible  and  appro¬ 
priate  that  the  Unix  team,  net¬ 
work  engineering  and  the  help 
desk  took  on  many  traditional 
information  security  roles  and 
responsibilities.  And  since 
there  was  no  official  point  of 
contact  for  information  secu¬ 
rity  initiatives,  the  physical  se¬ 
curity  manager  took  it  upon 
himself  to  research  a  method 
to  monitor  employees’  activi¬ 
ties  while  they  were  logged 
into  their  workstations. 

He  did  some  research  on  the 
Internet  and  made  some  calls 
to  colleagues.  After  that,  he 
coordinated  several  rounds 
of  vendor  presentations  and 
demos  before  Finally  funding  a 
pilot  program  involving  the  in- 


ln  short,  these 
two  staffs  speak 
different  languages. 


stallation  of  Digital  Guardian 
from  Verdasys  Inc.  in  Waltham, 
Mass.,  on  several  desktop  com¬ 
puters  within  the  company. 
Digital  Guardian,  which  can 
be  installed  either  covertly  or 
overtly,  provides  the  ability  to 
monitor  a  user’s  activity  per  a 
defined  policy.  The  product 
can  also  be  leveraged  to  con¬ 
trol  a  user’s  desktop. 

When  properly  deployed, 
Digital  Guardian  lets  you  log 
user  activities  that  traditional 
intrusion-detection  systems 
might  not  be  able  to  detect. 

For  example,  it  can  monitor 
activities  related  to  the  copy¬ 
ing  of  data  to  external  media. 
Products  like  this  can  address 
internal  investigations  and  fill 
in  the  gaps  that  can  be  left  be¬ 
hind  by  other  technology  for 
protecting  intellectual  proper¬ 
ty.  But  make  note  of  that 
“when  properly  deployed.” 

Deployment  Planning 

Deployment  isn’t  as  simple  as 
merely  installing  software  and 
then  monitoring  users’  activi¬ 
ties.  When  you’re  dealing  with 
software  that  can  affect  many 
employees  and  must  be  in¬ 
stalled  on  many  desktops  and 
laptops,  proper  planning  is 
essential. 

In  this  case,  the  technical 
elements  of  the  deployment 
were  somewhat  lacking,  and 
now  I  have  to  deal  with  the 
ramifications.  For  example, 
the  application  will  need  to 
be  tested  on  multiple  desktop 
configurations.  We  have  a 
worldwide  presence  that  ne¬ 
cessitates  the  support  of  mul¬ 
tiple  languages,  and  we  also 
have  to  be  wary  of  all  sorts  of 
third-party  applications  that 
may  conflict  with  the  product. 

In  addition,  we’re  going  to 
need  to  train  the  help  desk  to 
deal  with  issues  that  may 
arise.  Roles  and  responsibili¬ 
ties  of  various  parties  have  to 
be  defined,  the  support  struc¬ 


ture  has  to  be  established,  a 
rollout  plan  has  to  be  devised, 
and  policies  have  to  be  man¬ 
aged.  We  have  to  understand 
the  relationship  between  the 
management  server,  which  is 
responsible  for  managing  poli¬ 
cies  and  collecting  logs,  and 
the  individual  agents,  which 
reside  on  each  user’s  worksta¬ 
tion.  Are  there  bandwidth  is¬ 
sues  that  the  network  team 
might  need  to  know  about? 
Ports  that  need  to  be  opened 
on  the  firewall?  Redundancy 
issues?  Fail-over  considera¬ 
tions?  Storage  requirements? 
Fundamental  documentation, 
such  as  test  plans,  architecture 
diagrams,  project  plans  and 
timelines,  weren’t  created. 

Now  that  we’ve  begun  to 
address  these  matters,  things 
seem  to  be  going  well,  and  I 
have  high  hopes  for  the  prod¬ 
uct’s  use  in  our  environment. 
But  if  this  isn’t  tested  properly, 
and  if  the  underlying  support 
infrastructure  isn’t  defined, 
the  project  could  fail. 

Also,  that  line  between  in¬ 
formation  security  and  physi¬ 
cal  security  needs  to  be  de¬ 
fined  and  clearly  understood. 

Rogue  access-point  detec¬ 
tion  is  a  perfect  example.  As 
the  information  security  man¬ 
ager,  I’m  responsible  for  de¬ 
ploying  the  technology  that 
will  be  used  to  identify  the  in¬ 
stallation  of  unauthorized 
wireless  devices  within  the 
company.  However,  entering 
an  employee’s  office  or  dealing 
with  an  employee  directly  to 
obtain  the  access  point  will  fall 
under  the  physical  security  de¬ 
partment’s  responsibilities. 

Another  example  is  data 
forensics.  We  are  in  the 
process  of  purchasing  soft¬ 
ware  for  that,  and  we  may  set 
up  the  process  so  that  physi¬ 
cal  security  will  image  the 
drive  while  information  secu¬ 
rity  conducts  the  actual  foren¬ 
sic  investigation.  I 

WHAT  DO  YOU  THINK? 

This  week’s  journal  is  written  by  a  real  secu¬ 
rity  manager.  “Mathias  Thurman,"  whose 
name  and  employer  have  been  disguised  for 
obvious  reasons.  Contact  him  at  mathias_ 
thurman@yahoo.com,  or  join  the  discussion 
in  our  forum:  QuickLink  a1590 

To  find  a  complete  archive  of  our 
Security  Manager's  Journals,  go  online  to 

o  computerworld.com/secjournal 
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Security  Bookshelf 

Rootkits:  Subverting  the  Win¬ 
dows  Kernel,  by  Greg  Hoglund 
and  Jamie  Butler  (Addison- 
Wesley  Professional,  2005). 

I  picked  up  this  book  because 
I’ve  rarely  seen  — - 


rootkit  titles  * - -  - 

that  focus  on  ROOTKITS 

the  Windows  A‘i  1 

environment. 

I’m  glad  I  did. 

The  book  has 
excellent  techni¬ 
cal  explanations 
of  security  is¬ 
sues  such  as 


Wt  utim 


subverting  Windows  in  order 
to  deploy  rootkits  and  execute 
other  types  of  malicious  code. 
Some  parts  were  a  little  over 
my  head,  but  I  enjoyed  learning 
how  keystroke  loggers  work 
and  how  they  can  be  layered  in 
with  other  device  drivers  so 
that  a  malicious  scripter  can 
sneak  them  in.  Despite  the 
deep  tech  talk,  this  is  a  good 
reference  tool. 

-  Mathias  Thurman 
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Hack  in  the  Box 
Has  Prize  Inside 

Taiwanese  microprocessor 
vendor  Via  Technologies  Inc. 
offered  a  S5,000  prize  to  the 
hacker  who  could  break  its 
StrongBox  security  applica¬ 
tion  during  a  hacking  contest 
at  the  Hack  in  the  Box  Security 
Conference,  which  took  place 
last  week  in  Kuala  Lumpur, 
Malaysia.  Announced  last 
week,  StrongBox  uses  a  com¬ 
bination  of  hardware-based 
SHA-1  and  256-bit  AES  en¬ 
cryption  to  create  a  secure  vir¬ 
tual  drive  on  a  computer  of  up 
to  40GB.  The  application  is 
designed  for  computers  based 
on  Via’s  C7  and  C7-M  proc¬ 
essors  that  have  the  com¬ 
pany’s  PadLock  Security  En¬ 
gine.  As  of  press  time,  no  one 
had  claimed  the  prize. 

Phone  Security 
Spec  in  the  Works 

A  new  mobile  security  specifi¬ 
cation  being  developed  by  the 
Trusted  Computing  Group  is 
expected  to  be  released  in  the 
first  half  of  2006. 
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OQO  Upgrades 
Handheld  PC 

■  San  Francisco-based  handheld 
PC  vendor  OQO  has  launched  its 
newest  device,  Model  01+.  It  fea¬ 
tures  upgraded  memory,  a  larger 
hard  drive,  faster  USB  support 
and  an  improved  universal  power 
supply,  according  to  OQO.  Model 
01+  runs  Microsoft  Windows  XP 
and  has  512MB  of  RAM,  a  30GB 
shock-mounted  hard  drive,  USB2 
and  a  universal  power  cord  that 
can  be  used  on  airplanes  or  in 
automobiles.  It  starts  at  $1,899. 


Nortel  Updates 
Contact  Center 

■  Nortel  Networks  Corp.  an¬ 
nounced  Expert  Anywhere  Con¬ 
tact  Solution,  a  feature  of  its  new 
Contact  Center  6.0  release  that 
gives  corporate  users  the  ability 
to  send  a  customer  call  to  any  ex¬ 
pert  customer  service  agent,  re¬ 
gardless  of  location.  Expert  Any¬ 
where  is  part  of  Nortel’s  Applica¬ 
tion  Center,  which  is  based  on  the 
SIP  standard. 


Symbol  Launches 
Bar  Code  Scanner 

@  Symbol  Technologies  Inc.  in 
Holtsville,  N.Y.,  announced  the 
LS4208  laser  bar  code  scanner 
for  use  in  retail,  health  care  and 
warehouse  settings.  The  device 
uses  a  multiline  scan  pattern  for 
scanning  of  one-dimensional  bar 
codes.  It  offers  a  19-inch  scan¬ 
ning  range  and  will  tolerate  more 
motion  than  existing  models.  It’s 
available  now  for  $265. 

Sun  Releases 
StarOffice  8 

»  Sun  Microsystems  Inc.  has  re¬ 
leased  Version  8  of  its  StarOffice 
desktop  productivity  suite.  The 
software  now  complies  with  the 
OASiS  OpenDocument  standard 
to  improve  its  ability  to  share 
documents  with  competing  soft¬ 
ware  suites,  including  Microsoft 
Office.  Pricing  starts  at  $35  per 
user  on  a  tiered  basis. 


MARK  WILLOUGHBY 


Keep  Humans  in  the 
Authentication  Loop 


PROVING  THE  IDENTITY  of  a  human  com¬ 
puter  user  is  so  yesterday  —  all  those  what- 
you-have,  what-you-know  and  what-you- 
are  questions.  Biology  is  so  trivial  compared 
with  well-designed  authenticating  devices, 
though  the  missing  human  raises  big  philosophical 
questions. 


Device  authentication  is 
being  refined  now  to  codify 
how  computer  hardware  and 
software  will  prove  they  are 
secure  for  future  automated 
services.  Without  humans 
in  the  loop,  computers  will 
soon  be  interoperating  and 
exchanging  software  updates 
on  their  own. 

The  big  debate  is  over  au¬ 
thenticating  devices  unfet¬ 
tered  by  human  control 
mechanisms.  The  argument 
is  over  which  master  your 
PC  should  serve,  the  local  biology  or 
some  distant  master  with  regulatory 
connections. 

Device  authentication  woven  into  the 
Internet  can  turn  your  computer  into  Big 
Brother,  an  enforcement  tool  for  copy¬ 
right  owners  demanding  annual  sub¬ 
scriptions  or  one-time  fees.  It  can  stop 
you  from  playing  that  song  or  movie 
your  friend  shared  with  you.  It  can  keep 
you  from  breaking  the  law,  regardless  of 
your  wishes. 

Device  authentication  offers  a  lot  of 
very  useful  technologies  to  secure  the 
Internet,  with  memory  curtaining,  se¬ 
cure  input  and  output,  and  sealed  stor¬ 
age.  Even  in  the  technology  community, 
where  varying  opinions  abound  on 
everything,  a  consensus  has  formed 
around  the  undeniable  usefulness  of 
these  device  authentication  methods, 
which  have  roots  in  the  Trusted  Com¬ 
puting  Group’s  trusted  computing  secu¬ 
rity  model. 

The  TCG’s  security  model  has  tradi¬ 
tionally  focused  on  software  isolation, 
keeping  programs  from  interfering  with 


one  another.  It  did  not  at¬ 
tempt  to  throttle  insecure, 
harmful  or  undesirable  soft¬ 
ware,  reflecting  the  democ¬ 
ratic  tradition  of  not  making 
too  many  laws  to  protect 
people  from  themselves. 

But  an  evolving  TCG  de¬ 
vice  authentication  standard 
called  remote  attestation 
is  taking  the  TCG  into  un¬ 
charted  philosophical  wa¬ 
ters.  Remote  attestation  gen¬ 
erates  a  hash  value  for  soft¬ 
ware  modules  authenticat¬ 
ing  to  services  or  other  software,  with  no 
user  involvement.  If  users  attempt  an 
end  run  by  altering  the  hash  value,  they 
won’t  be  recognized  by  the  remote  ser¬ 
vice  or  software.  Your  PC,  in  effect,  has  a 
governor  on  it  telling  you  what  you  can 
and  cannot  run. 

The  information  libertarians  at  the 
Electronic  Frontier  Foundation  are  call¬ 
ing  remote  attestation  a  Trojan  horse 
threat  to  the  free  marketplace  of  infor¬ 
mation.  In  the  words  of  the  EFF’s  Seth 
Schoen,  remote  attestation  “fails  to  dis¬ 
tinguish  between  applications  that  pro¬ 
tect  computer  owners  against  attack  and 
applications  that  protect  a  computer 
against  its  owner  [who]  is  sometimes 
treated  as  just  another  attacker  or  ad¬ 
versary  who  must  be  prevented  from 
breaking  in  and  altering  the  computer’s 
software.” 

The  cybervigilantes  at  the  EFF  take 
issue  with  the  potential  anticompetitive 
and  anticonsumer  direction  of  remote 
attestation.  The  EFF  sees  removing  biol¬ 
ogy  from  the  authentication  process  as  a 
threat  because  the  owners  of  the  ser¬ 
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vices  or  software  will  be  able  to  enforce 
actions  onto  users. 

According  to  the  EFF,  remote  attesta¬ 
tion  is  not  “part  of  the  rationales  for 
trusted  computing  publicly  offered  by  its 
proponents.”  For  a  hidden  agenda,  they 
olook  no  further  than  the  Digital  Millen¬ 
nium  Copyright  Act  (DMCA).  The  EFF 
also  points  to  another  evolving  standard, 
the  Copy  Generation  Management  Sys¬ 
tem  for  Analog  (CGMS-A),  as  the  Big 
Brother  that  will  protect  all  copyrighted 
content  on  the  Internet.  CGMS-A,  in  tan¬ 
dem  with  remote  attestation,  will  en¬ 
force  preferences  for  recording  or  play¬ 
ing  a  protected  work. 

The  EFF  sees  a  huge  new  market  being 
created  by  large  corporate  content  own¬ 
ers  and  technology  companies  that  will 
charge  you  for  every  song  played  on  your 
iPod.  A  software  behemoth  in  Redmond, 
Wash.,  is  in  discussions  with  entertain¬ 
ment  companies  regarding  the  Microsoft 
Protected  Media  Path  project.  PMP  pre¬ 
vents  peripherals,  like  DVD  drives,  from 
playing  unauthenticated  software.  Who 
wants  to  be  locked  out  of  the  Windows 
home  entertainment  marketplace? 

When  you’re  finished  contributing  to 
Hurricane  Katrina  relief,  sign  on  to  sup¬ 
port  the  EFF’s  Owner  Override  proposal. 
Owner  Override  puts  humans  back  into 
the  device  authentication  loop.  Users 
can  opt  to  break  the  copyright  law. 
Humans,  as  they  did  before  the  DMCA, 
can  misrepresent  their  computers  and 
give  the  desired  remote  attestation  hash 
value,  even  if  it  doesn’t  reflect  the  actual 
state  of  their  machines. 

Owner  Override  takes  away  the  PC’s 
ability  to  spite  its  owner.  It  removes  the 
potential  for  remote  attestation  to  push 
the  TCG  into  anti-interoperability  and 
anticompetitive  policies.  In  a  democracy, 
citizens  should  be  able  to  choose  if,  and 
how,  they  want  to  obey  the  law  —  as 
well  as  suffer  the  consequences  of  their 
actions,  ergo  speeding  tickets.  ©  56887 
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Simplify  your  I.  T.  and  your  business.  IBM  servers  and  storage  are  designed  to 
help  you  do  just  that.  Take  the  IBM  Total  Storage®  DS4100  Express  with  DACstore. 
It  can  help  you  reconfigure  or  add  capacity  while  staying  up  and  running. 
No  need  to  stop  to  reset  drives. 

Because  with  IBM  Express,  innovation  comes  standard.  That’s  true  for  servers, 
storage  and  printers.  What’s  more,  you  can  keep  your  technologies  current 
while  helping  to  reduce  costs  -  through  IBM  Global  Financing. 

All  things  considered,  an  I.  T.  hero  deserves  nothing  less. 


MEET  3  HEROES  IN  THE  BATTLE  AGAINST  I.T.  COMPLEXITY. 
YOU’RE  THE  4TH. 


IBM  TotalStorage  DS4100  Express 

Ships  with  1.25TB1 

DACstore  for  configuration  metadata 
3.5TB  with  1  controller;  28TB  with  21 
Limited  warranty:  1  year  on-site2 

From  $7,349* 

(Other  configurations  as  low  as  $6,599) 

IBM  Financing  Advantage 

Only  $206/mo.3 


2 


CD 

O 

Q_ 

0 

CD 

Q. 

O 


5 

|_ 


IBM  eServer  OpenPower  720  Express 

Built  on  IBM  POWER5™  technology 
and  tuned  for  Linux® 
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2-  or  4-way  64-bit,  rack  or  tower  models 

Up  to  8GB  of  memory,  disk  capacity 
up  to  1.1TB1 _ 

Optional  Advanced  Virtualization  features 

DB2®  Express  Discover  CD 

Limited  warranty:  up  to  3  years  on-site2 
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IBM  TotalStorage  3580  Express 

Helps  protect  LTO™  investment 


Built_on  Ultriunf"  3  technology 

Read/write  compatible  with  Ultrium  2  drives 
-  read  compatible  with  Ultrium  1  drives 

Up  to  800GB  cartridge  physical  capacity 
with  2:1  compression1 

Limited  warranty:  3  years  on-site2 


From  $5,850* 


From  $9,774* 

IBM  Financing  Advantage 

Only  $273/mo.3 


IBM  Financing  Advantage 

Only  $164/mo.3 
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1  800-IBM-7777 
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Save  lime.  Save  costs.  Save  the  day! 
(Optimize  your  IT.) 

Your  local  IBM  Business  Partner  can  help. 


*AII  prices  stated  are  IBM's  estimated  retail  selling  prices  as  of  September  13, 2005.  Prices  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller  prices  to  end  users  may  vary.  Products  are 
subject  to  availability.  This  document  was  developed  for  offerings  in  the  United  States.  IBM  may  not  offer  the  products,  features,  or  services  discussed  in  this  document  in  other  countries.  1.  Denotes  raw  storage  capacity. 
Usable  capacity  may  be  less.  2.  Telephone  support  may  be  subject  to  additional  charges.  For  on-site  labor  IBM  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before  sending  a  technician.  On-site  warranty 
is  available  only  for  selected  components.  3.  IBM  Global  Financing  offerings  are  provided  through  IBM  Credit  LLC  in  the  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and 
government  customers.  Monthly  payments  provided  are  for  planning  purposes  only  and  may  vary  based  on  your  credit  and  other  factors.  Lease  offer  provided  is  based  on  a  FMV  lease  of  36  monthly  payments.  Other 
restrictions  may  apply.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice.  IBM,  the  IBM  logo,  eServer, TotalStorage,  OpenPower,  P0WER5  and  DB2  are  trademarks  or  registered  trademarks 
of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Linux  is  a  trademark  of  Linus  Torvalds  in  the  United  States  and  other  countries.  LTO  and  Ultrium  are  trademarks  of  Certance, 
HP  and  IBM  in  the  U.S.  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2005  IBM  Corporation.  All  rights  reserved. 


Brilliant  color, 
most  cost-effective, 
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A  whole  new  reason  to  smile 


People  Friendly. 


KhJDCERa 


KYOCERA  MITA  CORPORATION  KYOCERA  M1TA  AMERICA,  INC.,  a  group  company  of  Kyocera  Corporation 
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Interns  201 

Now  that  fall  is  here  and  your 
summer  interns  have  gone  back 
to  school,  it’s  time  to  upgrade  your 
internship  program  so  that  it  deliv¬ 
ers  more  value  for  you  and  them 
the  next  time  around.  Page  44 


‘What  We  Have  Here  Is  an  IT  Problem . . 

Is  there  any  way  to  end  the  finger-pointing 
between  IT  and  business?  IT  professionals 
Jennifer  Pfaff  and  Doug  Pfaff  share  their 
(sometimes  differing)  viewpoints  about 
why  it’s  often  so  hard  for  the  two  sides 
to  get  along.  Page  42 


OPINION 

Connected  or  Addicted? 

Keeping  in  touch  is  great,  says 
Paul  Glen,  but  when  managers 
go  overboard,  they  can  harm 
their  staffs,  their  companies  and 
themselves.  Page  46 
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Do  you  know  howto  respond  to 
the  inevitable  security  breach? 

You’d  better.  By  Mary  Brandel 


national  news  media,  you’d  better 
know  beforehand  how  you’re  going 
to  respond  when  a  breach  occurs. 

A  New  Reality 

“In  days  gone  by,  you  could  have 
thrown  up  your  hands  and  said, 
‘Geez,  this  was  an  accident,’  ”  says 
Scott  Sobel,  vice  president  at  Levick 
Strategic  Communications  in  Wash¬ 
ington.  “But  now  people  are  more  fa¬ 
miliar  with  IT  processes,  and  they 
may  believe  that  if  controls  weren’t 
in  place,  someone  was  negligent  or 
malicious.” 

That’s  why  your  immediate  re¬ 
sponse  to  a  security  breach  is  all- 
important.  And  it’s  not  enough  to 
lean  on  processes  you’ve  put  in 
place  to  respond  to  more  traditional 
threats  such  as  viruses  and  hacker  in¬ 
filtration.  Today,  threats  can  emanate 
from  sources  as  varied  as  fraudulent 
businesses  or  tape  thieves. 

“The  failures  in  the  business 
processes  that  have  occurred  this 
year  are  causing  organizations  to 
redesign  the  way  they  respond  to 
future  incidents  or  anomalies,”  says 
Rich  Baich,  managing  director  at 
PricewaterhouseCoopers  and  former 
chief  information  security  officer  at 
ChoicePoint  Inc.  in  Alpharetta,  Ga. 
Earlier  this  year,  it  was  revealed  that 
ChoicePoint  had  released  con¬ 
sumers’  personal  financial  informa¬ 
tion  to  data  thieves  posing  as  legiti¬ 
mate  businesses. 

One  important  change  worth  con¬ 
sidering,  Baich  says,  is  to  create  and 
publicize  a  central  mechanism  for 
employees  or  the  general  public  to 


A  DATA  SCANDAL  roll 

call  would  include  big 
names  in  nearly  every 
industry.  Bank  of  Amer¬ 
ica,  LexisNexis,  Time 
Warner,  DSW  Shoe  Warehouse, 
T-Mobile  and  the  University  of  Cali¬ 
fornia,  Berkeley,  to  name  a  few,  have 
recently  experienced  data  security 
breaches.  And  some  experts  say  that 
there  are  hundreds  if  not  thousands 
of  other,  less-publicized  cases  in 
which  sensitive  personal  data  has 
been  compromised. 

“There’s  the  hospital  that  unwit¬ 
tingly  exposes  a  couple  of  AIDS  pa¬ 
tients,  or  the  bank  that  inadvertently 
discloses  to  a  creditor  someone’s 
complete  financial  background,”  says 
Diana  McKenzie,  who  chairs  the  IT 
group  at  Neal,  Gerber  &  Eisenberg 
LLP,  a  Chicago  law  firm.  “There  are 
tons  and  tons  of  examples  like  that.” 

For  CIOs,  this  trend  means  two 
things:  It  may  not  be  a  case  of 
whether  your  company  will  experi¬ 
ence  a  data  security  breach  but  when 
it  will  experience  such  a  breach. 

And,  particularly  if  you’re  one  of 
the  unlucky  10%  or  less  who  find 
their  stories  blasted  throughout  the 
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report  possible  breaches,  including 
incidents  involving  low-tech  actions 
such  as  fraud  or  tape  theft.  There 
should  be  a  response  team  that  follows 
an  established  set  of  protocols,  not 
unlike  those  of  customer  service  hot 
lines,  where  a  trained  group  follows 
a  decision  tree  and  escalates  its  re¬ 
sponse  depending  on  the  nature  of  the 
problem. 

The  exact  response  protocol  will 
be  unique  to  each  organization.  Some 
may  want  to  report  directly  to  the  gen¬ 
eral  counsel,  others  to  the  CISO,  and 
others  to  the  president  of  the  company. 
However  you  choose  to  do  it,  the  esca¬ 
lation  procedure  should  be  defined 
and  agreed  upon  in  advance. 

“It  needs  to  be  something  that  says, 
‘During  Christmas  time,  from  this  hour 
to  this  day,  John  Brown  is  head  of  the 
team,  and  he’ll  have  access  to  this  at¬ 
torney  and  this  PR  person  and  this 
decision-maker  and  this  representative 
of  the  union,  instantly,’  ”  Sobel  says. 

Having  a  central  point  of  contact 
would  also  help  avoid  the  common 
problem  of  not  taking  incident  reports 
seriously,  McKenzie  says.  “If  a  busy  ex¬ 
ecutive  gets  a  call  from  a  person  outside 
the  company  who  doesn’t  sound  so- 


Here  are  four  steps  that  Forrester 
Research  Inc.  in  Cambridge,  Mass., 
advises  CIOs  to  take  to  prepare  for  a 
security  breach: 

Establish  your  incident  disclo¬ 
sure  policy.  Know  when  and  how 
you  will  disclose  breaches  of  personal 
information  in  compliance  with  laws. 

j|g | 

Review  your  privacy  policy. 

Make  sure  your  privacy  policy  is 
up  to  date  and  that  you  are  following  it. 
Claims  of  security  and  privacy  that  are 
false  or  misleading  can  open  wide  the 
doors  of  liability. 

Document  your  security  archi¬ 
tecture.  Understand  both  the 
processes  and  the  technologies  you’re 
using  to  secure  your  systems.  The  archi¬ 
tecture  needs  more  than  firewalls  -  it  must 
-  .  address  the  security  of  business  proc- 
1  esses  and  the  awareness  of  individuals. 


Classify  personal  information. 

Update  your  classification  policies 
so  that  they  include  personal  and  non¬ 
public  information.  Define  minimum 
security  controls  -  policy  and  process 
controls  as  well  as  technical  controls  - 
for  protecting  personal  information. 


Legal  Niceties 


IT’S  CLEAR  THAT  an  effective  response 
to  a  data  breach  requires  that  IT  have  close 
relationships  with  the  legal  and  public  rela¬ 
tions  departments  -  relationships  that  sim¬ 
ply  don’t  exist  in  many  large  companies. 

But  at  the  very  least,  IT  needs  to  know 
whom  to  call  and  how  to  reach  them.  With¬ 
out  that,  “it  can  really  degrade  into  a  Chi¬ 
nese  fire  drill,  where  everyone  is  running 
around  trying  to  call  other  people,”  says  Pe¬ 
ter  Gregory,  chief  security  strategist  at  Van- 
tagePoint  Security.  The  information  that  IT 
needs  to  share  includes  the  nature  of  the 
event,  what  kind  of  data  might  have  been 
affected  and  how  it  was  affected,  says  Eric 
Welz,  senior  solutions  architect  at  Vanguard 
Managed  Solutions.  For  instance,  was  data 
altered  or  deleted,  or  was  the  application 
unavailable  for  some  period  of  time? 

When  discussing  a  possible  security 
lapse  with  business  people,  avoid  jargon. 
“You  can  say  there  was  an  overflow  in  the 
database  logs,  and  they’ll  say,  Tell  me 
something  I  can  use,’  ’’  Gregory  says.  "It 
usually  takes  someone  who  can  talk  on 
both  sides  of  the  fence  to  properly  describe 


the  situation  in  business  terms.” 

Many  experts  say  the  sooner  you  involve 
attorneys,  the  better.  Scott  Sobel,  vice 
president  at  Levick  Strategic  Communica¬ 
tions,  compares  the  situation  to  that  of  a 
city  that  assigns  a  district  attorney  as  soon 
as  a  crime  occurs.  “They  advise  the  cops 
from  the  very  beginning  on  how  to  inter¬ 
view  people  and  how  to  protect  evidence,” 
he  says.  Similarly,  he  says,  “there  should  be 
thought  put  into  a  legal  model  for  CIOs  and 
other  C-suite  executives.” 

For  instance,  managers  may  be  tempted 
to  launch  their  own  investigations,  asking 
supervisors  to  interview  IT  staffers  about 
what  happened.  But  the  information  uncov¬ 
ered  in  those  interviews  could  be  consid¬ 
ered  discoverable  evidence  -  meaning  it 
would  have  to  be  disclosed  upon  request  in 
court,  says  Sobel.  If  an  attorney  does  the 
interviewing,  the  information  could  be  pro¬ 
tected  under  the  attorney-client  privilege. 

“You  have  to  resist  the  urge  to  fix  things 
immediately,"  he  says.  “The  sooner  attor¬ 
neys  get  involved,  the  better  off  you  are.” 

-Mary  Brandel 


phisticated,  or  from  someone  lower  in 
the  organization  who  thinks  something 
odd  is  happening,  there’s  a  tendency  to 
dismiss  it,”  she  says.  “I  can’t  tell  you 
the  number  of  times  I’ve  had  a  person 
forget  to  get  the  phone  number  or  even 
the  name  of  the  person  who  called.” 

Teamwork 

The  word  team  can’t  be  overempha¬ 
sized,  McKenzie  says.  The  days  are  gone 
when  IT  worked  in  isolation  on  securi¬ 
ty  incidents.  The  public  relations  and 
legal  departments  need  to  be  involved 
as  soon  as  possible,  even  as  you’re  still 
figuring  out  the  depth  and  breadth  of 
the  problem.  “While  you’re  starting  to 
fix,  document  and  understand  the 
problem,  you  want  to  start  the  lawyers 
mitigating  risk  and  the  PR  folks  prepar¬ 
ing  communications,”  McKenzie  says. 

“The  IT  guy  keeping  it  to  himself  is 
a  really  bad  idea,”  she  adds.  Not  only 
are  there  disclosure  requirements, 
but  your  public  relations  people  will 
also  need  some  lead  time  to  fully  un¬ 
derstand  the  problem  and  prepare  a 
response. 

At  Vanguard  Managed  Solutions 
LLC,  IT  works  hand  in  hand  with  the 
legal  and  marketing  departments  dur¬ 
ing  times  of  crisis.  In  the  300-employ¬ 
ee  managed  services  provider  in  Mans¬ 
field,  Mass.,  security  incidents  are  es¬ 
calated  to  management-level  employ¬ 
ees  in  the  network  operations  center, 
says  Eric  Welz,  senior  solutions  archi¬ 
tect.  If  the  incident  is  determined  to  be 
severe  enough,  marketing,  legal  and  IT 
work  together  to  determine  how  it 
should  be  communicated  to  clients. 

Now  more  than  ever,  lawyers  are 
crucial  for  correctly  interpreting  and 
responding  to  federal  and  state  privacy 
laws.  For  example,  California’s  Senate 
Bill  1386  requires  organizations  to  dis¬ 
close  security  breaches  that  involve 
private  information  about  California 
residents.  California  Assembly  Bill 
1950  requires  “reasonable  security” 
controls  for  California  residents’  data. 
The  Washington  state  government  also 
recently  enacted  several  bills  address¬ 
ing  security  breaches,  and  other  states 
may  soon  follow. 

Your  legal  department  might  decide 
to  involve  local  law  enforcement, 
which  could  affect  whether  your  com¬ 
pany  is  allowed  to  disclose  any  infor¬ 
mation  about  the  breach.  If  the  police 
ask  you  to  keep  mum  because  they’ve 
determined  that  public  disclosure 
would  inhibit  the  investigation,  be  sure 
to  get  a  letter  documenting  that  request 
to  avoid  conflicts  later,  Baich  says. 

Some  experts  suggest  that  compa¬ 
nies  develop  boilerplate  language  to 


enable  a  faster  response.  “Disclosures 
are  sometimes  required  to  happen 
quickly,  and  that’s  not  the  time  to  start 
with  a  blank  piece  of  paper,”  says  Peter 
Gregory,  chief  security  strategist  at 
VantagePoint  Security  LLC  in  Belle¬ 
vue,  Wash. 

Deliberate  Speed 

But  don’t  rush.  “You  don’t  want  to  wait 
two  days,  but  you  can  wait  20  min¬ 
utes,”  says  Gregory.  “You  need  to  fol¬ 
low  the  emergency  procedures  so  that 
when  the  PR  person  is  in  front  of  the 
microphone,  the  information  has 
flowed  properly  from  the  point  of  dis¬ 
covery,  through  IT  management  and 
sideways  to  PR  and  legal.” 

Or,  as  McKenzie  puts  it,  “respond 
with  cautious  speed.  On  the  one  hand, 
a  delay  in  responding  can  be  fatal,  but 
on  the  other,  you  need  to  have  a  rea¬ 
soned  response,  because  this  could  be 
broadcast  all  over  the  country.” 

To  avoid  accusations  that  you  didn’t 
work  quickly  enough  to  solve  a  prob¬ 
lem,  McKenzie  suggests  calling  in  an 
IT  forensics  consultant  —  even  if  you 
think  your  IT  staff  is  talented  enough 
to  analyze  Web  logs  and  other  records 
effectively.  “It  shows  you’re  taking  it 
seriously:  ‘We  hired  this  gunslinger  to 
help  solve  the  problem  expeditiously,’  ” 


she  says.  “If  someone  sues  you  for 
damages,  it  looks  good  from  a  PR 
standpoint  that  you  hired  someone 
immediately.” 

You  should  keep  a  fact-finding  log  to 
record  any  actions  that  the  security 
team  takes  and  any  people  it  contacts, 
and  that  log  should  include  the  precise 
timing  of  every  action.  “When  that’s  all 
logged,  it’s  easier  when  someone  asks 
what  happened,”  Baich  says. 

Finally,  when  it  comes  time  to  com¬ 
municate  with  customers  or  the  gener¬ 
al  public,  “be  understanding  and  reas¬ 
suring,”  says  McKenzie.  “There’s  a  ten¬ 
dency  for  people  harmed  by  these  inci¬ 
dents  to  sense  a  lack  of  empathy  for 
their  situation.”  A  kind  and  caring  atti¬ 
tude  on  your  part  may  lessen  the 
chance  of  lawsuits  and  other  litigious 
behavior,  she  says. 

“A  security  disaster  will  cause  many 
to  doubt  the  company’s  ability  to  con¬ 
tinue  operating,”  Gregory  says,  “so  you 
need  to  respond  with  well-thought-out 
statements  that  give  the  media  and 
customers  confidence  that  you’re  in 
control  and  are  dealing  with  it.” 

©  56888 


Brandel  is  a  Computerworld  contribut¬ 
ing  writer  in  Newton,  Mass.  Contact  her 
at  marybrandel@verizon.net. 


YOUR  JOB  IS  TO  KEEP  SYSTEMS  AND  APPLICATIONS  RUNNING. 
OUR  MISSION  IS  TO  KEEP  PEOPLE  AND  INFORMATION  CONNECTED. 

LET’S  WORK  TOGETHER. 


Continuous  access  to  information  no  matter  what.  That’s 
Information  Availability.  It’s  what  your  employees,  suppliers  and 
customers  demand  every  minute  of  every  day.  But  to  deliver  it 
flawlessly,  you  need  a  massive  global  infrastructure,  redundant 
systems  and  diverse  networks  being  monitored  and  supported 
by  skilled  technical  experts  at  secure  facilities.  That’s  exactly 
what  SunGard  provides. 

As  a  result,  we  can  offer  you  a  higher  level  of  availability  and 
save  your  company,  on  average,  25%*  versus  building  the 
infrastructure  yourself.  Plus,  it’s  a  vendor  neutral  solution  that 
lets  you  control  your  data, applications  and  network  while  giving 
you  the  flexibility  to  adjust  to  the  changing  needs  of  your 
business.  But  best  of  all,  it  lets  you  spend  more  time  solving 
business  problems  and  less  time  solving  technical  problems. 


For  years,  companies  around  the  world  have  turned  to 
SunGard  to  restore  their  systems  when  something  went 
wrong.  So,  it’s  not  surprising  that  they’re  now  turning  to  us 
to  mitigate  risk  and  make  sure  they  never  go  down  in  the 
first  place. 

You  want  your  network  and  systems  to  always  be  up  and 
running.  We  want  the  same  thing.  Let’s  get  together.  To 
learn  more,  visit  www.availability.sungard.com  or  call 
1-800-468-7483. 


SUNGARD 

Availability  Services 

'Potential  savings  based  on  IDC  White  Paper,  Ensuring  information  Availability: 
Aligning  Customer  Needs  with  an  Optimal  Investment  Strategy. 
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What  we  have  here  is  an  IT  problem ...  I 


It  seems  that  IT  is  the  latest  in  a  long  line  of  business  scapegoats.  Finance, 
human  resources,  production  and  quality  assurance  have  all  had  turns  on  the 
whippingpost.  Now  it's  IT's  turn  to  take  a  few  lashes.  Or  is  it?  Business  has  a 
way  of  assigning  blame  when  it  can't  react  to  customer  needs  as  quickly  as  ex¬ 
ecutives  would  like.  Here  are  some  thoughts  on  how  to  get  out  of  the  hot  seat. 


BY  JENNIFER  PFAFF 
AND  DOUG  PFAFF 

JENNIFER:  “What  we  have  here 
is  an  IT  problem.”  Our  business 
team  actually  said  this  as  we 
started  a  meeting  last  week.  That 
was  their  formal  definition  of 
the  problem,  as  though  they’d 
put  it  through  some  scientific 
analysis  and  that  was  the  result. 

Come  on!  I  was  sitting  in  the 
same  room  with  these  people  when  they  signed  off 
on  the  project  months  ago.  Did  anyone  really  think  I 
was  going  to  buy  into  this?  Things  didn’t  get  any  bet¬ 
ter  when  I  mentioned  that  the  application  actually 
was  operating  within  the  service-level  agreement. 


(Will  I  ever  learn?)  Because  even  though  they  signed 
off  on  both  the  application  specifications  and  the 
SLA,  I  knew  what  was  causing  them  to  feel  this  way: 
As  far  as  they  are  concerned,  IT  has  a  history  of  not 
delivering,  and  this  was  just  another  example  of  poor 
service. 

DOUG:  When  a  teenager  rubs  his  parent’s  nose  in  a 
punishment  he  received  —  “Since  you  took  my  car 
away,  you’re  going  to  have  to  drive  me  to  work  after 
school”  —  how  often  does  the  parent  say,  “Hmm,  I 
guess  I  can’t  ground  you  after  all.”  Unfortunately,  IT 
is  still  viewed  as  a  service  unit  in  most  companies 
(i.e.,  a  child  who  must  be  tolerated).  When  you 
whipped  out  the  SLA,  they  heard  you  say,  “Hey,  you 
made  your  own  bed,  now  you’ve  got  to  sleep  in  it.” 


JENNIFER:  I  get  your  point,  but  when  does  IT  get  to 
say,  “If  you  don’t  plan  your  project  and  you  won’t  let 
us  help  you  plan  it,  then  you  can’t  yell  at  IT  when  it 
doesn’t  go  well”?  I’m  tired  of  business  units  being 
hypocritical  about  “process.”  They  want  consistent 
and  measurable  output  from  IT  systems,  but  when 
we  try  to  use  repeatable  processes,  all  we  hear  about 
is  how  long  it  takes  to  get  anything  done. 

DOUG:  Since  IT  rarely  drives  the  revenue  of  the  busi¬ 
ness,  its  policies  are  little  more  than  lines  in  the  sand 
at  low  tide.  You  can  use  your  project-planning  proc¬ 
esses  all  you  want,  but  if  you  allow  them  to  give  you 
garbage  at  the  beginning  of  the  process,  when  the 
sledding  gets  rough,  your  process  will  be  blamed  as  a 
hindrance  to  business.  While  your  process  may  help 
you  defend  your  position,  it’ll  be  a  Pyrrhic  victory. 

JENNIFER:  I  don’t  think  you  understand  what  I’m  say¬ 
ing.  If  the  business  doesn’t  ask  us  to  measure  load 
time,  for  example,  how  can  it  be  IT’s  fault  when  load¬ 
time  metrics  aren’t  produced  at  the  end  of  the  proj¬ 
ect?  Funny,  but  this  doesn’t  sound  like  an  IT  problem. 


Introducing  Hitachi  HiCoirunand®  Tiered  Storage  Manager  soft  ware, 
at  the  right  time— based  on  how  your  applications  use  it.  Our  new  HiCorr 
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In  fact,  it  sounds  a  lot  like  a  business  problem. 

What’s  Pyrrhic  about  that? 

DOUG:  You’re  still  not  getting  it.  It’s  an  ownership 
problem.  People  in  business  units  think  that  if  a  com¬ 
puter  is  needed  during  the  work 
process,  the  solution  depends 
entirely  on  IT.  They  absolve 
themselves  of  as  much  responsi¬ 
bility  as  possible.  To  follow  your 
load-time  example,  their  argu¬ 
ment  would  probably  be,  “Hey, 
you’re  the  experts.  You  should 
have  known  that  we’d  need 
load-time  reports.” 

One  of  the  great  problems 
facing  IT  leadership  right  now  isn’t  technological 
convergence  or  service-oriented  architectures  or  any 
of  the  other  highfalutin  topics  being  thrown  around; 
it’s  ownership.  Problems  and  their  solutions  need  to 
be  entirely  held  by  the  business  units.  IT  can  help 
them  get  to  a  solution  faster  by  providing  a  frame¬ 
work,  intelligent  consulting  and  the  technical  skills 
to  implement  it,  but  it  can’t  own  the  solution.  In  oth¬ 
er  words,  in  businesses  where  IT  doesn’t  generate 
revenue,  IT  should  be  the  “how,”  not  the  “what.” 


JENNIFER:  I  think  IT  professionals  are  some  of  the 
few  people  qualified  and  visionary  enough  to  devel¬ 
op  new  solutions  to  old  problems.  If  business  really 
is  washing  its  hands  of  responsibility,  then  I  think 
that  makes  the  case  for  following  a  repeatable  proj¬ 
ect  process  to  make  sure  we  give  them  what  they 
want.  In  my  Utopia,  we  all  follow  a  repeatable  IT 
methodology,  and  the  business  tells  us  what  work 
processes  are  actually  occurring  and  diagrams  them 
accurately.  Then,  the  business  people  write  out  what 
they  want  to  happen  in  their  new  application  and  ask 
the  IT  team  for  a  technical  recommendation  on  how 
to  make  it  a  reality.  The  business  also  provides  rea¬ 
sonable  budget  numbers,  realistic  timelines  and  co¬ 
operative  business  resources.  Is  that  asking  too  much? 

DOUG:  Wow,  that’s  quite  a  little  fantasyland  you’ve 
created  for  yourself.  Actually,  I  agree  with  you  on 
this  one;  what  you  just  described  is  the  business 
defining  the  “what”  and  IT  controlling  the  “how.” 

JENNIFER:  I  love  it  when  you  patronize  me.  I  just  read 
that  in  cases  where  a  repeatable  process  is  followed, 
the  success  rate  of  IT  projects  skyrockets  to  91% 
from  something  like  38%.  If  and  when  that  starts  to 
happen,  budgets  and  timelines  will  increase. 


DOUG:  You’re  right;  the  success  rates  jump.  But  I  bet 
if  you  examined  the  entire  process,  you’d  find  that 
before  the  IT  project  even  got  started,  there  were 
systemic  changes  throughout  the  business  that  made 
those  repeatable  IT  processes  possible.  Processes 
can’t  exist  independently  of  their  inputs  and  outputs. 
No  one  knows  this  better  than  IT  professionals.  IT 
methodologies  almost  always  depend  on  non-IT 
data.  If  the  corporate  culture  allows  that  data  to  be 
nonrepeatable,  unreliable  and  unquantifiable,  the 
battle  to  systematize  their  processes  will  be  all 
uphill. 

Again,  it’s  ownership.  If  the  business  owns  the 
issue,  they’ll  clean  up  their  own  house  —  and  that 
includes  their  business  processes. 

JENNIFER:  Oh,  it  would  be  so  nice.  We  would  have  so 
many  projects  coming  into  IT,  we  would  have  to  cre¬ 
ate  a  project  management  office  to  handle  the  influx. 
That  would  be  a  great  IT  problem  to  have,  wouldn’t 

it?  O  56830 


Jennifer  Pfaffis  a  PMP  certified  project  manager,  and 
!  Doug  Pfaff  has  led  IT  organizations  of  all  sizes.  They 
:  live,  work  and  bicker  in  the  Detroit  area.  Contact  them 
!  atdpfaff@comcast.net. 
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Interns 


Tweaking  your  student  intern 
program  now  will  help  you 
deliver  more  value  next 
summer.  BY  JUDY  ARTUNIAN 


The  IT  department  at  National  Instru¬ 
ments  Corp.  learned  the  hard  way  about 
the  ins  and  outs  of  developing  projects  for 
summer  interns.  “We  struggled  with  mak¬ 
ing  sure  the  interns  were  getting  a  good 
project,”  recalls  Carol  Watkins,  director 
of  the  Austin-based  company’s  internal 
IT  operations. 

That  struggle  included  delaying  or  scaling  back 
projects  that  were  too  extensive  to  be  completed 
during  a  summer  internship  and  dealing  with  push- 
back  from  interns  when  assignments  such  as  writing 
reports  didn’t  give  them  the  hands-on  experience 
they  wanted. 

Sound  familiar?  Now  that  your  summer  interns  are 
back  in  their  classrooms,  it’s  a  good  time  to  consider 
how  your  internship  program  might  be  tweaked  to 
create  an  even  better  experience  for  all  concerned 
next  time. 

Student  interns  can  be  a  godsend  when  they  help 
you  make  quick  work  of  a  project  that  has  been  lan¬ 
guishing  for  some  time.  But  to  get  the  most  from 
your  interns,  you  need  to  make  the  experience  re¬ 
warding  for  them  as  well. 

National  Instruments’  IT  department  kept  that  in 
mind  when  it  revamped  its  system  for  assigning  proj¬ 
ects  to  interns.  Cross-functional  teams  consisting 
of  IT  and  business  managers  now  help  determine 
which  projects  are  appropriate  for  interns  and  match 
them  with  projects.  “Now  we  make  sure  the  project 
can  be  handled  in  an  appropriate  time  frame,  that  it 
has  a  tangible  deliverable  and  that  the  student  knows 
he  is  adding  value  to  our  organization,”  says  Watkins. 
At  Cordis  Corp.,  a  Johnson  &  Johnson  company  in 


Miami  Lakes,  Fla.,  managers  and  senior  directors  be¬ 
gin  reviewing  interns’  resumes  two  months  before 
they  arrive.  They  look  for  technical  know-how,  but 
that’s  not  all,  says  information  management  manager 
Jim  Mulligan.  For  example,  one  intern  who  happened 
to  be  an  excellent  writer  was  assigned  to  help  pre¬ 
pare  documentation  and  training  manuals. 

As  the  IT  team  at  National  Instruments  learned, 
interns  sometimes  bristle  at  being  confined  to  rou¬ 
tine  tasks  like  writing  reports  or  installing  software. 

“Don’t  automatically  assume  what  the 
intern’s  interest  and  skill  levels  are.  See 
what  they’re  capable  of,”  says  Nicholas 
Stanko,  a  Pennsylvania  State  University 
junior  who  recently  completed  a  sum¬ 
mer  internship  at  QVC  Inc.,  a  West 
Chester,  Pa.-based  electronics  retailer. 

“I  was  given  as  much  leeway  as  I  wanted 
in  terms  of  trying  different  projects.” 

Rob  Cochran,  QVC’s  CIO,  agrees.  “Let  them  ex¬ 
plore  opportunities,”  he  says.  And  remember  that  the 
interns  may  be  evaluating  you.  “They  are  kind  of  in¬ 
terviewing  us  as  a  possible  place  to  work,”  he  says. 

Making  Connections 

If  the  primary  goal  of  your  internship  program  is  to 
recruit  full-time  employees,  help  interns  form  rela¬ 
tionships  not  just  within  IT,  but  throughout  the  com¬ 
pany.  “These  may  be  the  people  they  work  with  in 
the  future,”  says  Grace  Rice,  program  manager  for 
the  Technology  Associate  program  at  KeyBank  in 
Cleveland.  “Model  your  program  so  that  it  fully  inte¬ 
grates  the  intern  into  the  business.” 

There  are  many  ways  to  introduce  interns  to  other 
managers.  KeyBank  invites  them  to  join  the  compa¬ 
ny’s  new  IT  hires  at  orientation  sessions,  including 
attending  talks  given  by  executives  from  the  bank’s 
lines  of  business.  Interns  at  National  Instruments 
give  presentations  to  all  the  company’s  IT  managers 
at  the  beginning  and  the  end  of  their  internships. 

Interns  who  don’t  see  the  purpose  of  some  of  these 
activities  may  feel  they’re  a  waste  of  time,  so  make 
sure  they  understand  the  benefits  of  rubbing  elbows 
with  senior  management. 

Terry  Pietrondi  interned  at  KeyBank  during  the 
summer  of  2004  while  he  was  a  computer  science 
student  at  Kent  State  University.  He  was  curious 
about  the  IT  side  of  bank  operations. 

“I  thought  it  would  be  cool  to  work  in  a  not-so- 
obvious  environment,”  Pietrondi  says.  “I  was  sur¬ 
prised  by  how  technical  a  bank  can  be.” 

But  not  all  the  activities  made  sense  to  him  initial¬ 
ly.  “I  got  involved  in  meetings  where  I  felt  out  of 
place  for  a  while,”  says  Pietrondi,  who  has  since 
graduated  from  Kent  State  and  is  now  a  trainee  in 
KeyBank’s  Technology  Associate  program. 

Besides  feeling  too  green  to  participate  in  the  dis¬ 
cussions,  Pietrondi  says  he  wondered  why  he  was 
there,  since  he  didn’t  have  decision-making  privi¬ 
leges.  But  after  a  few  meetings,  his  discomfort  faded. 

“It  was  a  matter  of  getting  used  to  the  idea  that  I 
was  there  for  the  learning  experience,”  Pietrondi  re¬ 
calls.  Moreover,  he  adds,  “people  saw  my  face  and 
knew  my  name.  Opportunities  came  my  way  from  it.” 

It’s  not  just  meetings  that  can  trip  up  a  student  in¬ 
tern;  some  need  help  acclimating  to  a  corporate  cul¬ 
ture.  “They  aren’t  used  to  working  in  a  full-time  job 


environment,”  says  QVC’s  Cochran.  “It’s  one  thing  to 
write  a  program  and  another  thing  to  do  it  eight 
hours  a  day.” 

Learning  the  Ropes 

To  help  them  feel  at  home,  Cordis  offers  a  one-day 
class  called  Backpack  to  Briefcase,  in  which  the  in¬ 
terns  learn  the  basics  of  business  etiquette,  how  to 
dress  and  other  facts  of  corporate  life. 

IT  managers  who  are  new  to  supervising  interns 
may  be  surprised  to  find  their  manage¬ 
ment  skills  challenged  by  the  interns’ 
need  for  guidance  with  the  mundane 
routines  of  the  workaday  world. 

Wayne  Belvin,  an  IT  project  manager 
at  energy  giant  Dominion  Resources  Inc. 
in  Richmond,  Va.,  meets  weekly  with  his 
interns  to  discuss  their  assignments,  as¬ 
pirations  and  any  difficulties  they  may  be  having. 

“A  lot  of  interns  have  technical  skills  that  can  be 
applied  pretty  readily,”  Belvin  says.  “But  you  have  to 
help  them  with  skills  like  organization,  team-build¬ 
ing  and  relating  to  other  folks  in  a  corporate  environ¬ 
ment.” 

He  helps  interns  settle  in  by  teaching  them  how 
to  do  seemingly  simple  tasks  such  as  creating  to-do 
lists  and  planning  their  work  on  a  calendar  based 
on  due  dates  and  project  priorities. 

But  often  the  greatest  impact  comes  from  the 
unplanned  lessons  learned  in  the  IT  trenches,  and 
that’s  really  what  an  internship  is  all  about. 

Pietrondi  recalls  that  when  the  identity  manage¬ 
ment  project  he  was  working  on  stalled,  he  suspect¬ 
ed  that  the  culprit  was  poor  communication  among 
the  project  teams. 

“My  biggest  learning  experience  was  listening  to 
how  people  communicate,”  Pietrondi  says.  “I  learned 
that  it’s  not  the  technology  that  makes  or  breaks  the 
project  most  of  the  time.  It  comes  down  to  people.” 
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Artunian  is  a  freelance  writer  in  Newport  Beach,  Calif. 
Contact  her  at  jartunian@sbcglobal.net. 


IT  managers  who  have  learned  from  their 
experiences  with  interns  share  these  tips 
for  matching  the  intern  to  the  job: 

■  Recruit  from  local  colleges  with  strong  IT  pro¬ 
grams,  but  don’t  assume  you  know  which  col¬ 
leges  qualify.  Visit  the  schools.  Ask  colleagues 
about  their  experiences  with  various  schools. 

■  Get  to  know  IT  department  deans.  Your  input 
can  help  them  adjust  their  curricula  so  that  stu¬ 
dents'  technical  skills  will  better  match  your 
needs  for  interns  and  permanent  employees. 

■  Interview  prospective  interns  in  person  to 
gauge  their  energy  levels  and  poise. 

■  Pay  attention  to  grades,  but  also  ask  about 
nonacademic  activities  for  clues  about  their 
motivation  and  desire  to  learn. 

-Judy  Artunian 


OFFSHORE  INTERN 

A  grad  student  back  from  a 
summer  internship  in  India  says 
the  U.S.  just  doesn’t  get  it: 

0  QuickLink  56883 
www.computerworld.com 
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SAS  SOFTWARE  FOR 

BUSINESS  INTELLIGENCE  AND  BEYOND 


INTELLIGENCE 


Power  to  Know  why  other  Bl  vendors  have  arrived  too  late 


WANT  PROOF? 

Hear  from  industry  experts, 
analysts  and  customers 
about  proven  successes  with 
SAS  Business  Intelligence. 


While  other  vendors  are  playing  catch-up  —  by  just  now  introducing  their  Bl  approaches  —  SAS 
continues  to  lead  the  way  in  the  business  intelligence  market.  When  you  consider  investing  in  or 
upgrading  your  current  Bl  software,  talk  to  SAS  about  our  proven  successes. 

Unmatched  Enterprise  Intelligence  Platform 


BetterManagement  LIVE 
Worldwide  Business  Conference 
Las  Vegas,  NV,  USA 
October  26-27  2005 


■  Nearly  30  years  of  Bl  experience 

■  Undisputed  leader  in  business  analytics 

More  than  4  million  users  at  over  40,000  locations  worldwide 
m  At  work  in  94%  of  FORTUNE  Global  500"  companies 


go  Beyond  Bl  at  www.sas.com/sasBi  •  Analyst  case  study 


sas‘9 


THE 
POWER 
TO  KNOW 


SAS  and  al!  other  SAS  Institute  Inc.  product  or  service  names  are  registered  trademarks  or  trademaiks  of  SAS  Institute  Inc.  in  the  USA  and  other  countries.  <k>  indicates  USA  registration  Other  brand  and  pioduct 


names  a/e  trademaiks  of  their  respective  companies.  200f>  SAS  Institute  Inc.  All  rights  reserved.  352735US.0905 
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EVENTS 


Network 
Systems  Design 

■  Oct.  18-20,  San  Jose 
Sponsor:  The  Linley  Group  inc. 

Topics  at  the  Network  Systems  Design 
Conference  include  an  overview  of  net¬ 
working  systems  technologies,  choos¬ 
ing  a  network  processor,  advanced 
switching,  next-generation  broadband 
technologies,  processors  for  data  cen¬ 
ter  applications,  packet  processing  in 
access  infrastructure,  multiprotocol 
design  and  high-performance  CPUs. 
www.networksystemsdesign.com 


Wireless  and  Mobile 

■  Oct.  26-28,  Boston 
Sponsor:  Trendsmedia  Inc. 

The  WiMax  World  Conference  in¬ 
cludes  tracks  on  business,  technology, 
municipalities  and  voice  over  IP.  Topics 
include  the  state  of  the  industry,  the 
dynamics  of  successful  deployment, 
service  provider  perspectives,  deliver¬ 
ing  personal  mobile  broadband,  mu¬ 
nicipal  broadband  infrastructure,  VoIP 
costs  and  business  models,  market 
analysis  and  the  mobile  enterprise. 
www.wimaxworld.com 


Leadership 

h  Nov.  6-8,  Boston 
Sponsor:  AMR  Research  Inc. 

The  2005  Executive  Leadership  Con¬ 
ference  includes  sessions  on  linking  IT 
to  productivity  improvement,  the  inter¬ 
section  of  IT  and  business  process, 
the  25  companies  with  the  best  supply 
chains,  performance  management  and 
performance  improvement,  demand- 
driven  supply  networks  and  service- 
oriented  architectures. 
www.amrresearch.com 


Security 

«  Nov.  14-16,  Washington 
Sponsor:  Computer  Security 
Institute 

The  CSI’s  32nd  annual  Computer  Se¬ 
curity  Conference  tracks  include  an 
introduction  to  computer  security, 
training  and  education,  management, 
government,  risk  and  audit,  compli¬ 
ance  and  governance,  critical  issues, 
attacks  and  countermeasures,  foren¬ 
sics,  identity  and  access  management, 
working  with  developers,  Web  ser¬ 
vices  and  hands-on  technology. 
www.gocsi.com 


PAUL  GLEN 


Connected  or 
Addicted? 


CIOs  FREQUENTLY  invite  me  to  give  pre¬ 
sentations  to  their  management  teams  or 
to  facilitate  retreats.  I’m  always  amazed 
by  how  many  of  the  managers  in  those 
sessions  feel  compelled  to  answer  their 
cell  phones  or  monitor  their  “crack-berries”  during 
those  few  short  hours. 


I  could  tell  you  that  this 
is  the  cost  of  competing  in 
the  blistering  marketplace 
of  the  24/7  economy,  that 
it’s  the  inevitable  result  of 
globalization  or  that  the 
participants  in  those  meet¬ 
ings  are  just  important 
people.  But  I  don’t  believe 
that  pathological  connect¬ 
edness  is  caused  by  any  of 
these  things. 

I  suspect  that  managers’ 
rationalization  for  this  sort 
of  behavior  falls  into  four 
categories: 

Neediness.  The  staff  needs 
constant  access  to  the  boss  in  order  to 
remain  at  peak  productivity.  They 
need  immediate  decisions.  The  boss 
needs  a  constant  flow  of  status  infor¬ 
mation.  Without  access,  work  stops. 

Responsiveness.  If  the  boss  doesn’t  re¬ 
spond  to  the  staff  quickly  enough,  he 
will  be  viewed  as  aloof,  uncaring  or 
disengaged.  Remaining  in  constant 
touch  symbolizes  the  value  that  the 
boss  places  on  the  staff. 

Connectedness.  Supervisor  and  staff 
form  an  intimate  community.  If  the 
boss  disconnects  from  the  collective, 
he  will  be  lost. 

Relationships.  The  boss  is  at  the  center 
of  a  network  of  relationships  and  must 
constantly  monitor  and  manage  the 
expectations  of  all  the  stakeholders. 
New  technology  has  raised  the  expec¬ 
tations  of  the  speed  of  communica¬ 


tion,  so  he  must  respond  to 
everyone  immediately  in 
order  to  maintain  produc¬ 
tive  relationships. 

While  each  of  these  has 
some  validity,  I  suspect 
that  they  are  more  excuses 
than  explanations.  This 
sort  of  behavior  is  really  a 
symptom  of  a  deeper  prob¬ 
lem:  connection  addiction. 

Dictionary.com  offers 
one  definition  of  addiction 
as  “the  condition  of  being 
habitually  or  compulsively 
occupied  with  or  involved 
in  something.”  Here,  con¬ 
nectivity  is  the  pathological  something. 

This  connection  fixation  can  arise 
for  a  number  of  reasons: 

Ego.  What  could  be  a  better  ego 
stroke  than  having  a  constant  line  of 
people  waiting  outside  your  electronic 
door?  It’s  very  satisfying  to  be  needed. 

Mistrust  of  staff.  Many  managers  fear 
that  if  they  are  out  of  touch,  their  staff 
will  be  either  unable  or  unwilling  to 
continue  working.  On  one  hand,  they 
may  assume  that  their  people  are  inca¬ 
pable  of  working  without  constant  su¬ 
pervision.  On  the  other,  they  may  as¬ 
sume  that  their  people  are  inherently 
devious.  Some  may  even  believe  both. 

Sense  of  importance.  That  feeling  of  be¬ 
ing  the  indispensable  man  is  a  great 
high.  It’s  great  to  be  “in  the  loop,”  con¬ 
stantly  “in  the  know.” 

Confusion  about  the  real  role  of  a  manager. 


paul  glen  helps  technical 
organizations  to  grow 
better  leaders  and  man¬ 
agers  to  perform  at  their 
best.  He  is  the  author  of 
the  award-winning  book 
Leading  Geeks.  Contact 
him  at  info@paulglen.com. 


Too  many  managers  have  adopted  the 
mentality  of  the  preindustrial  foreman. 
They  think  that  the  role  of  the  manag¬ 
er  in  the  age  of  knowledge  work  is  the 
same  as  that  of  the  overseer  on  the 
plantation:  to  stand  watch  over  the 
workers  and  make  sure  that  they’re 
productive. 

OK,  you  might  say,  hyperconnected¬ 
ness  isn’t  particularly  useful,  but 
where’s  the  harm? 

This  addiction  has  costs  for  every¬ 
one  involved  —  manager,  staff  and 
organization. 

For  the  manager,  it  leads  to  an  un¬ 
balanced  life.  Everything  takes  on  an 
unnatural  sense  of  urgency,  and  relax¬ 
ing  can  be  difficult.  The  manager  can 
also  wind  up  constructing  a  personal 
identity  that’s  too  tied  up  in  a  particu¬ 
lar  job.  While  business  is  important 
and  fun,  it’s  too  easy  to  lose  a  job  and 
be  left  without  a  core  sense  of  self. 

For  the  staff,  it  creates  a  constant 
dependence  on  the  presence  of  the 
manager.  This  kills  their  desire  to  take 
initiative.  They  become  much  more 
concerned  with  carrying  out  the  boss’s 
orders  than  with  meeting  the  goals  of 
the  organization. 

Finally,  the  organization  becomes 
fragile.  If  key  players  go  missing,  the 
productivity  of  dozens  of  people  may 
suffer. 

If  you  can’t  disconnect  the  electron¬ 
ic  bands  of  connectivity  for  a  couple 
of  weeks  or  even  for  a  few  hours,  you 
need  to  rethink  your  management  ap¬ 
proach.  Hyperconnectivity  could  be 
a  symptom  of  an  important  problem. 
Great  managers  create  organizations 
that  are  resilient  enough  to  keep  mov¬ 
ing  ahead,  no  matter  who  is  out  of 
touch.  O  56878 


WANT  OUR  OPINION? 

OFor  mors  columns  and  links  to  our  archives,  go  to 

www.computerworld.com/opinions 


IBM  WEBSPHERE  PRESENTS 


Lanco  Global  seeks  computer 
professionals  with  2  years  of 
exp.  in  the  following  skills: 
PROJECT  MANAGER:  Resp. 
for  managing  multiple  projects. 
Managing,  executing,  designing, 
architecting,  delivering  projects, 
including  analysis  of  user  re¬ 
quirements.  design,  develop¬ 
ment  and  testing  using  Informat- 
ica,  Erwin,  Data  Modeling, 
J2EE,  Oracle,  DB2,  IDMS,  Nete- 
grity  SiteMinder,  Web  Sphere, 
Weblogic,  Unix  and  Windows 
NT/2000.  Applicants  must  have 
Masters  or  Equivalent  in  CS, 
MIS,  CIS,  Eng.  (any  field),  Bus., 
Tech,  Math  or  related. 
SYSTEMS  ANALYST:  Resp. 
incl.  providing  complete  solu¬ 
tions  involving  design,  analysis, 
development,  implementation, 
customization  &  integration  of 
various  legacy,  client-server  and 
web  applications  using  Weblog¬ 
ic,  Web  Sphere,  WSAD,  JBoss, 
Tomcat,  IIS,  Oracle,  DB2,  Sy¬ 
base.  CLARIFY,  J2EE,  VC++, 
VB,  VSS,  Soap,  Unix,  and  Win¬ 
dows  NT/2000.  Applicants  must 
have  Bachelors  or  Equivalent  in 
CS,  MIS,  CIS,  Eng.  (any  field), 
Bus.,  Tech,  Math  or  related. 

Will  provide  competitive  salary 
and  benefits.  Email  resume  to: 
careersus@lancoglobal.com  or 
mail  to  Lanco  Global  Systems, 
1725  Windward  Concourse, 
Suite  150,  Alpharetta,  GA 
30005. 


Computer  Systems  Analyst 

Analyze  business  data  process¬ 
ing  problems  for  application  to 
electronic  data  processing  sys¬ 
tems.  Analyze  user  require¬ 
ments,  procedures,  and  prob¬ 
lems  to  improve  existing  sys¬ 
tems  and  review  computer  sys¬ 
tem  capabilities,  workflow,  and 
limitations.  Design/develop  com¬ 
plicated  financial  data  process¬ 
ing  software.  Conduct  systems 
analysis  and  product  develop¬ 
ment  throughout  the  full  devel¬ 
opment  life  cycle.  M.S.  in  Com¬ 
puter  and  Information  Sciences, 
or  Electrical  Engineering.  Must 
have  ability  to  use  J2EE,  XML 
and  design  patterns.  40  hrs/ 
week,  9am-5pm.  Positions  avail¬ 
able:  multiple.  Resume  to:  Mr. 
Vichael  Fleming,  VP  of  Engin¬ 
eering,  EPL  Inc.,  22  Inverness 
Center  Parkway,  Suite  400, 
Birmingham,  AL  35242. 


SAP  consultants  for  Pittsburgh, 
PA.  Design  &  Implement  soft¬ 
ware  apps  to  support  MM/FICO/ 
HR/QM/PP/SEM/SD  modules  in 
SAP  R/3  environment.  Should 
have  worked  on  ABAP  with  BW/ 
WORKFLOW/CRM/XI  NetWea- 
ver  Components,  Oracle,  Data 
Interfaces  with  MainFrame  sys¬ 
tem,  C++,  BSP,  Perl&  Shell 
scripting.  Bachelors  or  Eqv. 
req'd  in  Computers,  Eng. or  relat¬ 
ed  field  of  study  +  2  yrs  of  relat¬ 
ed  exp.  May  be  relocated  to  var¬ 
ious  unanticipated  locations 
throughout  the  US.  40  hrs/Wk. 
Must  have  legal  authority  to 
work  permanently  in  the  U.S. 
Send  resumes  to  HR,  Technolo¬ 
gy  People,  Inc.,  7  Parkway 
Center,  Ste  679,  Pittsburgh  ,PA 
15220. 


APPLICATION  DEVELOPER 
Application  developer  lead  for 
Kerzner  International  Resorts, 
Inc.  in  Plantation,  FL  to  manage, 
direct  and  oversee  Information 
Technology  (IT),  programming 
and  web-based  program  opera¬ 
tions  to  provide  the  technical 
architecture  of  websites  for  com¬ 
pany  to  ensure  accessibility, 
usability  and  reliability.  Qualified 
applicants  will  possess  a  Bach¬ 
elor's  degree  in  Computer  Sci¬ 
ence  or  equivalent.  Forward 
resume  to:  Recruiting  Depart¬ 
ment  APTDEV1220,  Kerzner 
International  Resorts,  Inc.,  1000 
South  Pine  Island  Road, 
Plantation,  FL  33324.  No  phone 
calls  please.  EOE. 


Senior  Bioinformatics  Analyst. 
Assist  in  the  planning,  design, 
implementation  and  evaluation 
of  web  based  applications  to 
support  the  integration,  consoli¬ 
dation  and  interpretation  of  ze- 
brafish  gene  structures,  expres¬ 
sion  patterns  and  mutant  pheno¬ 
types.  This  position  is  with  ZF- 
IN,  the  zebrafish  model  organ¬ 
ism  database,  ( http ://zfin. ora  )  at 
the  University  of  Oregon.  The 
qualified  applicant  will  hold  a 
Master’s  degree  in  related  field 
with  at  least  2  years  experience 
in  bioinformatics,  and  possess 
an  understanding  of  bioinformat¬ 
ics  relational  database  systems, 
demonstrated  proficiency  with 
SQL,  Perl,  Unix  and  web  appli¬ 
cation  development  in  PHP  or 
Java  as  well  as  experience  es¬ 
tablishing  large  scale  data  an¬ 
alysis  techniques  and  visualiza¬ 
tion  tools  using  BLAST.  Send 
resume  with  names  and  phone 
numbers  of  3  references  to  E. 
McCumsey,  Institute  of  Neuro¬ 
science,  1254  University  of  Ore¬ 
gon,  Eugene,  OR  97403-1254; 
fax  541-346-4548.  The  UO  is 
an  AA/EO/ADA  institution  com¬ 
mitted  to  cultural  diversity.  We 
invite  applications  from  candi¬ 
dates  who  share  our  commit¬ 
ment  to  diversity.  Applications 
received  by  October  19th,  2005 
will  receive  first  consideration. 


Computer  &  Info  Consulting  Mgr 
-  Delivery  &  Integration  to  plan, 
coord,  &  manage  s/w  systems 
integration  &  implementation 
projects  on  client  site  using  com¬ 
pany’s  rules  engine  s/w  products 
&  systems.  Extensive  travel  to 
client  sites  in  U.S.  Midwest  & 
East  coast  regions.  BS  in  CS  or 
Comp  Eng  &  4  yrs  exp.  Exp.  in 
developing  rules-based  compo¬ 
nents  of  applies;  object-oriented 
programming;  JAVA  program¬ 
ming  language  &  J2EE  con¬ 
cepts;  HTML,  XML,  JSP,  Serv¬ 
lets  &  applic  severs  such  as 
Weblogic  &  Websphere;  integra¬ 
tion  of  large  DBs  &  transactional 
systems.  Job  site  Minneapolis  or 
home  office  in  client  service 
area.  Apply  on-line  at 
www.fairisaac.com  or  mail  to 
HR,  Fair  Isaac  Corp.  901 
Marquette  Avenue,  #3200, 
Minneapolis,  MN  55402.  Must 
ref  Job  711  for  consideration. 
Unrestricted  right  to  work  in  U.S. 
required. 


Software  Engineer  -  Architect: 
Design  secure,  cost  effective 
solutions  using  open  source 
products,  support  multi-tier 
enterprise  component  archi¬ 
tectures.  Responsibilities  in¬ 
clude  solution  delivery.  Utilize 
J2EE,  Design  Patterns, RUP, 
Spring,  EJB,  J2EE  App  Ser¬ 
vers,  RDBMS.  Req.  M.S.  in 
Comp.  Sci.  or  Engg.  &  1  yr  of 
exp.  or  B.S.  in  Comp.  Sci.  or 
Engg.  &  5  yrs  of  exp.  Send 
Resume  to  H.R.  Talent  IT 
Services,  776  N.  Main  St., 
2nd  Floor,  Manchester,  CT 
06040. 


Imaging  Systems  Architect 
for  SOURCECORP  Inc., 
Job  Location:  Dallas.  Tx 

Requires  a  Bachelor’s  degree  in 
Computer  Science,  Mechanical 
or  Computer  Engineering  and  5 
yrs  experience  in  job  offered;  or 
5  yrs  related  experience  in 
designing,  developing,  imple¬ 
menting  and  managing  complex 
OCR/ICR  imaging,  data  entry 
workflow  systems  using  imaging 
and  forms  processing  software 
life  Formware,  Teleform,  Read- 
soft,  Infoimage,  Recostar,  Mitek, 
Pixtools,  LeadTools,  and  Free¬ 
form  technology.  40-hr  work 
week.  Please  submit  your  resu¬ 
me  to  careers@srcp.com  and 
reference  job  code  621721. 


CIENA  Healthcare  seeks  IT 
managers,  System  Analysts/ 
software  engineers  to  write  soft¬ 
ware  in  C/C++,  VB.  Require  at 
least  BS  in  computer  science 
with  1-6yr  exp  as  programmer/ 
analyst  using  special  tools. 
Send  resume  to  4000  Town 
Center,  Ste.  380,  Southfield,  Ml 
48075.  No  calls.  EOE. 

In-Venture  Soft  is  seeking  IT 
consultants  to  design  &  develop 
applications  for  various  projects. 
Applicants  must  have  MS/BS(1- 
5exp)  with  solid  background  in 
Oracle,  WebSphere,  Java,  EJB, 
ASP.  We  offer  competitive  wage 
with  full  benefit.  Travel  maybe 
required.  Apply  at  resume@ 
ivsinc.net. 


Computer:  Sr.  Soft¬ 
ware  Engineer  for 
Interactive  Digital 
Info.  Systems  Co. 
Send  resume  to 
Kelley  Brun,  NXTV, 
Inc.,  5700  Canoga 
Avenue,  Suite  150, 
Woodland  Hills,  CA 
91367. 


Computer  Systems  Analyst 
needed  to  analyze  science, 
engineering,  business  and  data 
processing  problems  for  applica¬ 
tion  to  various  data  processing 
and  operating  systems,  includ¬ 
ing:  Windows  NT/2000,  Unix, 
Linux,  and  Sun  Solaris.  Analyze 
customer  requirements,  proce¬ 
dures  and  problems  to  improve 
existing  systems  and  review 
computer  system  capabilities, 
workflow  and  scheduling  limita¬ 
tions.  Send  resumes  to  NET  IQ, 
Attention:  Recruiting,  Park  Tow¬ 
ers  North,  1233  West  Loop 
South,  Suite  1800,  Houston, 
Texas  77027.  Put  job  code 
1002110-CSA-IM  on  resume. 


Systems  Analyst 

Analyze/review  Client  Server 
(VB..NET  Source  Code,  MS 
SQLServer,  Access  DB  Schem¬ 
as)  &  Legacy  Systems;  perform 
BPR,  integrate  back-end  sys. 
Des  Sys  Arch,  des  &  dev  UML 
diagrams,  capture  reqrmnts  (use 
case  approach),  map  data,  confi 
Mercury  Test  Director,  test 
appln,  test  for  Sec  508  web 
stnds.  Use  of  MSVisio,  Java, 
.NET,  and  DB.  MS  in  CS  or 
equiv  w/1  yr  exp  in  job  offered  or 
as  S/W  Eng,  req'd.  Multiple  posi¬ 
tions.  Send  res  to  DBTS.Inc., 
Attn:  CW  10-SA,  1100  H  St.  NW, 
Ste.  600,  Wash,  DC  20005. 


Sys  Admin  w/MS  in  Comp 
Sci  or  related  field  &  min  2 
yrs  exp  wanted  by  4U 
Services  dba  Stellar  Ser¬ 

vices.  NY,  NY.  Analyze  net¬ 
work  requirement  for  enter¬ 
prise  environment.  Design 
Windows  AD,  Exchange, 
SQL,  AVAYA  PSTN,  &  CIS¬ 
CO  systems.  Apply  knowl¬ 
edge  of  security  protocols  & 
arch  to  security  system; 
document  sys  config  & 
upgrades.  Fax  resume  to 
(212)  510-2602. 


Computerworld  - 


Programmer  Analyst  needed 
w/2  yrs  to  analyze,  dsgn,  dvlp, 
test  &  document  client  server 
applic  s/ware  using  Oracle 
d/base,  Oracle  Forms,  PL/SQL, 
Oracle  Reports,  TOAD  & 
Designer/2000.  Maintain  cus- 
tomizations  in  Oracle  Appli¬ 
cations  ERR  (Enterprise  Re¬ 
source  Planning).  Maintain  ver¬ 
sioning  of  custom  objects  using 
Clearcase  &  migrate  custom 
objects  using  Kintana.  Mail 
resumes  to:  Optima  Technology 
Partners,  Inc.  9  Mount  Pleasant 
Turnpike,  Ste  103,  Denville,  NJ 
07834.  Job  loc:  Denville,  NJ  or 
in  any  unanticipated  Iocs  in  U.S. 


Database  Administrator:  For 
Main  Line  Health,  Berwyn,  PA, 
install,  configure,  recover  & 
insure  perf.  Relational  DB  Mgmt 
Sys  (RDBMS);  analyze  &  doc, 
des  &  imp  RDBMS  structures; 
diagnose  &  resolve  RDBMS  out¬ 
ages  &  failures;  assist  in  dev  dis¬ 
aster  plans,  test  meth  &  mig 
paths;  doc  configurations. 
Req's:  Bach  or  equiv  based  on 
educ  SJ or  exp  in  Comp  Sci  or 
rel.  field.  5  yrs  exp  in  job  offered 
or  5  yrs  DBA  exp.  Exp  must  incl. 
instal,  recover  &  perform  Oracle 
on  Unix  &  Prog  on  Unix.  Prof  in 
Oracle,  PL/SQL,  PeopleSoft 
HRMS  admin  incl.  full  upgrade 
cycle,  Unix  (HPUX)  &  Unix  Shell 
Scripting.  40hrs/wk.  Send  res  to: 
kozickii@mlhs.org. 


Business/Functional  Analyst: 
Research,  configure,  gather 
business  requirements,  create 
functional  specifications,  Fi- 
nancials/SCM  planning,  &  tes¬ 
ting  applications  during  Peo¬ 
pleSoft  upgrades  &  provide 
input  on  new  tools  &  method¬ 
ology.  Utilize  People  Tools 
8.45/PeopleSofi  FSM  8.4 
AR/AP,  Billing,  GL,  Expenses 
and  Project  costing.  Req.  B.S. 
in  Comp.  Sci.  or  Engg.  &  2 
yeras  exp.  Send  resume  to 
GTSI  Corp.,  Attn:  HR  Dept  - 
Grace,  3901  Stonecroft  Bivd. 
Chantilly,  VA  20151. 


Systems  Engineer:  Analyze, 
architect,  develop,  integrate, 
administer  &  support  Net 
Install  5.7.  Automation,  Pack¬ 
aging,  distribution,  Ghost  im¬ 
aging,  Bug  fixes,  MS  Patch 
management  and  VBS/Batch/ 
Python  scripting.  Netlnstall 
5.7,  Python,  VB,  OPENPBS, 
SQL  Server  2000,  Track-lt 
inventory  tool,  C++.  Req.  B.S 
in  Comp.  Sci.  or  Engg.  Send 
resume  to  H.R.  Comprehen¬ 
sive  Software  Solutions,  Inc. 
3767  Summer  Kitchen  Way, 
Lilburn,  GA  30047. 


Computers 

Digital  Authentication  Tech. 
(Boca  Raton,  FL)  seeks 
Project  Manager/Hardware 
and  Software  Design,  with 
M.S.  in  CS  or  EE  +  4  years 
exper.  Must  have  experience 
using  Forth,  Java  or  C++, 
Device  Driver  or  Em-bedded 
Systems,  Network  and  Wire¬ 
less  Programming  and  other 
skills.  Send  resume  to 
ppatsis@dathq.com  with  Proj. 
Mgr/HSD  in  subject  heading, 
no  calls.  EOE. 
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Project  Lead  w/Masters  or  for¬ 
eign  equiv  in  Comp  Sci  or  Engg 
or  Math  &  1  yr  exp  to  analyze, 
dsgn,  dvlp  &  test  s/ware  applies, 
develop  Data  Ware  houses  & 
Datamart  Applies.  Dvlp  user 
friendly  front  end  forms  &  gener¬ 
ate  reports  using  GUI  tools,  C, 
C++,  SQL.  PL/SQL  &  Oracle  on 
HP-Unix,  Sun  Solaris  &  Sco- 
Unix  platforms.  Use  SQL  Navi¬ 
gator  &  TOAD  to  navigate  to 
Oracle  d/base.  Perform  s/ware 
dvipmt  life-cycle  process.  Super¬ 
vise  2  Prgmrs.  Mail  res  to:  BCC 
USA,  Inc.,  43  Stouts  Lane,  Mon¬ 
mouth  Junction,  NJ  08852.  Job 
Loc:  Monmouth  Junction,  NJ  or 
in  unanticipated  locations  in  US. 


SPECIALIST,  COMPUTER  AP¬ 
PLICATIONS  -  Position  avail¬ 
able  at  Florida  Atlantic  Univer¬ 
sity,  located  in  Boca  Raton,  FL. 
Design,  develop  &  customize 
apps.  that  interact  with  relation¬ 
al  databases  (SQL  Server, 
Oracle,  MS  Access).  We  are 
seeking  candidates  with  MS  in 
MIS/CS  +  1  yr  exp.  Req'd  1  yr 
adv  programming  exp  (UNIX  & 
Windows)  developing  data- 
based  apps.  40  hr/wk,  8:00  am 
to  5:00  pm,  M-F.  Please  send 
resumes  to:  Paul  Wright,  Direc¬ 
tor,  UAS,  IRM  at  FAU,  777 
Glades  Road,  Boca  Raton,  FL 
33431. 
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Sarb-Ox 

the  law.  The  work  covered  116 
business  processes  and  75  IT 
applications  throughout  the 
media  company,  whose  divi¬ 
sions  include  CBS  Broadcast¬ 
ing  Inc.,  MTV  Networks  Co. 
and  Nickelodeon  Networks. 

One  of  the  best  lessons  Via¬ 
com  executives  learned 
and  acted  on  during 
the  process  was  to 
identify  and  test  inter¬ 
nal  controls  centrally 
rather  than  hand  the 
work  off  to  each  of  a 
dozen  business  unit 
leaders,  Frieser  said. 

“We  developed  a  lot 
of  guidance  centrally 
instead  of  having  a  lot 
of  guesswork  in  each 
of  the  business  units,” 
he  said.  “We  weren’t 


perfect  in  2004,  but  we  got 
more  right  than  we  got 
wrong.” 

Michael  Hultberg,  executive 
director  at  Time  Warner  Inc. 
in  New  York,  said  officials  at 
the  media  giant  discovered 
during  the  first  round  of  Sec¬ 
tion  404  compliance  efforts 
that  “many  of  the  key  controls 
we’d  identified  actually 
weren’t  that  key.” 

Time  Warner  spent 
a  mind-numbing 
350,000  man-hours 
identifying,  evaluat¬ 
ing  and  testing  its 
financial  and  IT  con¬ 
trols,  but  it  discov¬ 
ered  a  higher  propor¬ 
tion  of  IT  control 
deficiencies  in  areas 
such  as  security  and 
change  management, 
he  said. 

Looking  back  on 
Time  Warner’s  first- 


HULTBERG 


learned  “many 
of  the  key 
controls  we’d 
identified  actu¬ 
ally  weren’t 
that  key.” 


year  experience,  Hult¬ 
berg  recommended 
that  companies  assign 
dedicated  staffers  to 
handle  the  work.  “It’s 
a  heck  of  a  lot  cheaper 
than  hiring  [a  third 
party],”  he  said. 

Centralized  Units 

Unlike  Viacom  and 
Time  Warner,  whose 
businesses  are  highly 
decentralized,  The 
Dow  Chemical  Co. 
has  a  centralized  business 
model  to  support  165  manufac¬ 
turing  sites  in  37  countries. 

As  a  result,  when  the  Mid¬ 
land,  Mich.-based  chemical 
manufacturer  conducted  some 
30,000  internal  control  tests 
last  year  to  meet  its  Section 
404  requirements,  they  were 
all  reviewed  by  each  of  the 
work  process  owners,  fol¬ 
lowed  by  the  company’s  inter¬ 


nal  audit  department, 
said  Ron  Edmonds, 
global  accounting 
director. 

“We  have  to  figure 
out  how  to  make  [Sec¬ 
tion  404  controls  veri¬ 
fication]  more  effi¬ 
cient,”  he  said.  “We 
don’t  want  to  see  any 
deficiencies,  but  with  a 
company  our  size, 
we’re  going  to  have 
them.”  Dow  Chemical 
had  $40  billion  in  rev¬ 
enue  last  year. 

One  of  the  biggest  chal¬ 
lenges  companies  faced  last 
year  was  trying  to  test  thou¬ 
sands  of  internal  controls 
with  manual  testing  proce¬ 
dures  instead  of  automated 
IT  tools,  said  Harald  Will, 
president  and  CEO  of  ACL 
Services  Ltd.,  a  Vancouver, 
British  Columbia-based  ven¬ 
dor  of  software  for  financial 


executives.  As  a  result,  many 
internal  audit  teams  “didn’t 
get  to  everything  they  should 
have,”  said  Will. 

Because  Section  404-related 
work  consumed  so  much  time 
and  resources,  many  compa¬ 
nies  ended  up  placing  a  num¬ 
ber  of  strategic  IT-business 
projects  on  the  back  burner 
to  meet  the  Dec.  31  deadline, 
said  John  Hagerty,  an  analyst 
at  Boston-based  AMR  Re¬ 
search  Inc. 

And  while  some  strategic 
projects  are  still  being  de¬ 
ferred,  many  companies  have 
been  channeling  their  IT 
spending  into  areas  such  as 
business  intelligence  in  order 
to  provide  senior  manage¬ 
ment  with  greater  visibility 
into  organizational  perfor¬ 
mance  and  operations.  “That’s 
where  the  battle  is  being 
fought  right  now,”  Hagerty 
said.  ©  57184 


Continued  from  page  1 

Palm  OS 

mis  use  Treo  650s  running 
Palm  OS  to  access  the  compa¬ 
ny’s  Exchange  e-mail  server 
and  place  voice  calls  through 
Good  Technology  Inc.’s  Good- 
Link  service.  Hagen  said 
GoodLink  gives  him  all  the 
functions  that  Microsoft  and 
Palm  are  promising  in  the  de¬ 
vice  based  on  Windows  Mo¬ 
bile.  And  he  said  he  doesn’t 
expect  Palm  to  back  away 
from  Palm  OS. 

Pessimistic  Outlook 

But  Drew  Mazeitis,  manager 
of  mobility  at  Ferrellgas  Part¬ 
ners  LP,  a  nationwide  propane 
retailer  in  Liberty,  Mo.,  said 
that  Palm’s  market  share  has 
been  “eroding  quickly.”  With 
last  week’s  announcement,  he 
said,  “every  day  we  are  closer 
to  the  reality  that  [Palm  OS 
is]  dead.” 

Ferrellgas  uses  Windows 
Mobile  to  power  4,000  custom 
handhelds  used  by  propane 
service  workers  and  about  50 


Samsung  Corp.  flip  phones  for 
the  company’s  executives.  “As 
much  as  you  hate  to  feed  the 
Microsoft  machine,  they  con¬ 
tinue  to  improve  their  prod¬ 
ucts  and  integrate  things  and 
make  it  hard  for  you  to  not  use 
their  stuff,”  Mazeitis  said. 

Sunnyvale,  Calif.-based  Palm 
said  the  new  Treo  will  be  avail¬ 
able  in  the  U.S.  early 
next  year  and  will 
initially  work  on 
Verizon  Wireless’ 
cellular  network. 

With  Windows  Mo¬ 
bile  5.0,  users  will 
be  able  to  hook 
their  Treos  into 
Exchange  servers 
and  deploy  appli¬ 
cations  written 
for  Windows  on 
the  phones,  ac¬ 
cording  to  compa¬ 
ny  officials. 

Following  the 
announcement, 

Gartner  Inc.  issued 
a  report  recom¬ 
mending  that  cor¬ 
porate  users  “make 
no  further  invest¬ 


ments  in  Palm  OS  Treos  for 
enterprise  applications.”  The 
new  device  should  enable 
Palm  to  compete  more  effec¬ 
tively  against  Research  In  Mo¬ 
tion  Ltd.’s  BlackBerry  and  the 
growing  number  of  handhelds 
based  on  Windows  Mobile  5.0, 
Gartner  said  in  the  report. 

Palm  OS  is  developed  by 
PalmSource  Inc.,  a  separate 
company  that  last  month 
agreed  to  be  acquired  by 
Tokyo-based  Ac¬ 
cess  Co. 

Gartner  ana¬ 
lyst  Todd  Kort 
said  the  latest 
version  of  the 
software,  called 
Palm  OS  Cobalt, 
has  been  “a  fias¬ 
co”  since  its  re¬ 
lease  last  year. 
Cobalt  hasn’t 
been  adopted  by 
major  Palm  li¬ 
censees  because 
it  “requires  a 
fantastic  amount 
of  memory”  to 
run  properly, 
Kort  said. 


Ed  Colligan,  Palm’s  presi¬ 
dent  and  CEO,  didn’t  directly 
address  the  future  of  Palm  OS 
within  the  hardware  vendor’s 
devices  during  a  press  confer¬ 
ence.  But  he  called  the  sup¬ 
port  for  Windows  Mobile  “an 
expansion”  of  Palm’s  product 
line.  “This  is  not  about  other 
things  going  away,”  he  said, 
“This  is  about  growth.” 

Windows  or  Nothing 

Afterward,  a  spokeswoman  for 
Palm  noted  that  some  corpo¬ 
rate  users  have  told  the  ven¬ 
dor  that  they  wouldn’t  consid¬ 
er  using  Palm’s  hardware  “un¬ 
less  it  ran  Windows.” 

Dale  Frantz,  CIO  at  Auto 
Warehousing  Co.  in  Tacoma, 
Wash.,  currently  supports  30 
Treo  650s  that  run  Palm  OS 
and  are  used  by  executives  at 
the  new-car  processor.  But 
Frantz  said  he  will  “immedi¬ 
ately”  transition  to  the  Win¬ 
dows  Mobile  device  when  it 
becomes  available. 

A  feature  for  pushing  e-mail 
over  the  Verizon  Wireless  net¬ 
work  to  the  existing  Treos  re¬ 
quires  a  user’s  PC  and  Out¬ 


look  client  to  remain  on  dur¬ 
ing  the  process,  Frantz  said, 
describing  that  approach  as 
“extremely  unreliable.”  Be¬ 
cause  his  staff  has  spent  many 
hours  trying  to  address  the 
problem,  converting  to  Win¬ 
dows-based  Treos  “would 
very  quickly  reduce  PC  tech- 
support  costs,”  he  said. 

Pete  Salerno,  a  technologist 
in  the  strategic  alliances  group 
at  signaling  software  vendor 
Ulticom  Inc.  in  Mt.  Laurel, 

N.J.,  said  he  thinks  that  Palm’s 
embrace  of  Windows  Mobile 
“means  the  end  of  the  Palm 
OS,  regrettably.”  Salerno,  who 
said  he  was  speaking  for  him¬ 
self  and  not  Ulticom,  added 
that  he’s  concerned  about 
Microsoft’s  long-term  commit¬ 
ment  to  addressing  security 
concerns.  ©  57193 


Tom  Krazit  of  the  IDG  News 
Service  contributed  to  this  story. 


MORE  HEWS  ONLINE 

Circular  plans  to  offer  Research  In  Motion’s 
BlackBerry  software  on  a  Nokia  handheld: 
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Windows  Mobile  will  allow 
Treo  users  to  deploy  appli¬ 
cations  written  for  Win¬ 
dows  on  their  phones. 
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We  never  stop  working  for  you ? 


FRANK  HAYES  ■  FRANKLY  SPEAKING 


So  Long,  Boomers 

GOOD  NEWS!  IBM  has  a  solution  for  your  baby-boomer 
problem.  You  know,  that  one  you’ve  been  losing  sleep 
over:  the  fact  that  corporate  employees  born  during 
the  post-World  War  II  baby  boom  will  start  hitting  60 
next  year,  and  once  they  begin  to  retire,  you’ll  lose  all 
their  knowledge  and  experience  [QuickLink  57145]. 

Uh,  you  haven't  lost  sleep  over  losing  those  boomers?  And  you 
don’t  think  you  need  IBM’s  newly  formed  army  of  consultants,  cul¬ 
tural  anthropologists,  researchers  and  social  scientists?  You  figure 
your  company  will  just  do  what  it  has  always  done  —  let  those  aging 
yuppies  go  and  hire  kids  to  replace  them? 

Maybe  you’ve  got  the  right  idea.  But  hold  that  thought. 


Actually,  IBM’s  new  consulting  angle  isn’t 
completely  useless.  There  likely  will  be  plenty 
of  boomer  attrition  —  eventually.  But  there  are 
lots  of  boomers  (everyone  born  in  the  U.S.  be¬ 
tween  1946  and  1964).  The  worst  of  the  exodus 
won’t  kick  in  until  about  2015,  when  the  peak  of 
the  boom  passes  age  65.  There’s  time. 

Then  again,  IBM  knows  that  lots  of  CIOs  and 
human  resources  VPs  are  baby  boomers  them¬ 
selves,  already  looking  forward  to  retirement. 
And  if  IBM  actually  can,  as  advertised,  run  em¬ 
ployee  data  through  its  special  software  and 
come  up  with  a  who-to-hire  workforce  plan  for 
around  $100,000,  it’s  a  pretty  cheap  service.  So 
the  timing  makes  sense,  and  the  price  isn’t  bad. 

But  Big  Blue’s  new  service  won’t  buy  your 
company  what  it  truly  needs. 

See,  IBM  may  be  able  to  figure  out  which 
business  skills  your  company  will  lose  when 
each  boomer  retires.  That  is,  the  generic  skills. 
There’s  no  subtlety  in  an  HR  database.  Maybe  it 
contains  employee  resumes,  certifications,  even 
data  on  continuing  education.  But  that’s  all  that 
can  be  mined  from  it. 

The  really  good  stuff  —  special¬ 
ized  knowledge  of  how  your  busi¬ 
ness  really  works  —  isn’t  generic.  It 
really  is  locked  in  the  heads  of  long¬ 
time  employees.  And  it’s  in  your  in¬ 
terest  to  extract  that  understanding 
of  your  business  processes  before  it 
leaves  the  building  when  those  peo¬ 
ple  retire.  It’ll  be  invaluable  for  every 
major  IT  project  going  forward. 

Can  you  extract  it?  Probably.  But 
the  time  to  start  working  on  that  ex¬ 
traction  isn’t  when  boomers  start 
easing  out  the  door. 


You’ll  need  to  identify  key  employees  long 
before  they  leave.  You’ll  have  to  put  IT  business 
analysts  to  work  interviewing  them,  to  pick  the 
employees’  brains  and  then  document  how 
everything  works  —  and  why. 

Then  you’ll  be  able  to  slice  and  dice  it.  You 
can  identify  which  of  your  company’s  practices 
are  industry-standard  and  which  are  unusual. 
You  can  decide  what’s  worth  keeping  and 
what’s  junk.  Then  you  can  check  back  with  the 
interviewed  employees  to  see  if  there’s  good 
reason  not  to  dump  a  particular  process  or 
approach  or  peculiarity. 

Does  all  this  nontechnical  interviewing  and 
analysis  sound  a  little  too  IT-free?  No,  it’s  not 
bytes  and  wires.  It’s  all  business.  And  remem¬ 
ber,  that’s  what  IT  is  about  now:  business. 

Think  of  it  as  a  lot  like  collecting  require¬ 
ments  —  only  piecemeal,  and  with  a  broader 
scope  than  for  any  single  project.  If  you  plan 
ahead  and  pick  the  right  employees,  you  can 
schedule  your  analysts  when  they  have  a  little 
time  to  spare,  to  keep  the  cost  to  a  minimum. 

On  the  other  hand,  the  impact 
on  IT’s  ability  to  understand 
your  business  could  be  huge. 

This  is  your  chance  to  get  real 
visibility  into  your  organization. 
And  that  could  translate  into 
faster  and  better  IT  response  to 
business  needs. 

But  the  window  for  that  visibility 
won’t  be  open  forever.  So  get  start¬ 
ed  now  to  make  it  a  reality.  That 
way,  when  those  boomers  begin  to 
retire,  you  can  afford  to  let  them 
go.  You’ll  still  have  something  to 
remember  them  by.  O  57174 


frank  hayes,  Computer- 
world's  senior  news  colum¬ 
nist,  has  covered  IT  for  more 
than  20  years.  Contact  him  at 

frank.hayes@computerworld.com. 


Can  You  Hear  Me  Now? 

Sysadmin  pilot  fish  is  on  a  camping  trip  when  he  gets 
a  cell  phone  call  from  a  business  user  about  a  Web 
application  that’s  having  problems.  Right,  says  fish, 
just  have  a  computer  operator  go  to  the  data  center 
and  call  me,  and  I’ll  talk  him  through  resetting  the 
server.  Half  an  hour  later,  fish’s  phone  rings.  It’s  the 
computer  operator:  “OK,  I’m  at  the  day  care  center. 
Frank  said  I  should  call  you  from  here.  What  am  I 
supposed  to  do  from  here  to  reset  the  server?” 

Aha!  « ii  MtM#  actually  being 

Company  installs  x||A  Pm  suggested.” 

Web-filtering  T  A II I# 

software  that  |  ffj§  |||fe 

does  a  great  job 


of  reducing  virus  infesta¬ 
tions.  But  it  also  turns 
up  new  problems.  User: 
“I  can’t  get  out  to  the 
Web  page  I  want.” 
Sysadmin  pilot  fish: 

What  site  are  you  going 
to?  User:  Silence.  Fish: 
Are  you  getting  any 
error  messages?  User: 
Silence.  Fish:  Can  you 
describe  to  me  what 
your  screen  looks  like 
when  you  try  to  get  to 
the  page?  User:  “It’s 
blue  and  says  ‘Access 
forbidden.  Site  category: 
job  search.’  ” 

For  the  Birds 

Help  desk  report:  “Issue 
encountered:  A  squirrel 
committed  suicide  on  a 
power  transformer  two 
doors  down  and  caused 
a  partial  power  failure. 
Servers  failed  on  brown¬ 
out.  Business  impact: 
Systems  were  down  for 
about  35  minutes.  Reso¬ 
lution:  Checked  data¬ 
base  system,  started  ap¬ 
plication,  opened  sys¬ 
tem.  Preventive  action: 
hawks.”  Pilot  fish  adds, 
“The  boss  did  initially 
ask  how  much  it  would 
cost  to  implement  the 
suggestion.  It  took  about 
10  seconds  for  it  to 
dawn  on  him  what  was 


Screenshot 

Customer  calls 
retailer  to  complain  that 
she’s  getting  an  error  on 
the  company’s  Web  site. 
“She  wasn’t  able  to  re¬ 
member  the  name  of  the 
error,”  IT  pilot  fish  re¬ 
ports.  “Our  service  rep 
walked  her  through  the 
steps  to  get  a  screen- 
shot,  but  she  said  the 
Print  Screen  key  wasn’t 
doing  anything  when  she 
pressed  it.  But  five  min¬ 
utes  later,  we  received  a 
fax  from  this  customer. 
She  had  hand-drawn,  in 
color,  her  screen,  com¬ 
plete  with  programs  in 
the  task  bar,  a  very  de¬ 
tailed  system  tray,  and 
even  the  clock!” 


Like  Lightning 

Frustrated  user  leaves 
voice  mail  for  help  desk: 
“My  laptop  battery  is  dy¬ 
ing!  I  don’t  want  to  lose 
this  interview,  but  the 
battery  says  it’s  at  25%. 
Will  you  please  call  me? 
Oh  great,  now  it’s  at 
27%.  Call  me  right 
away!”  Pilot  fish  knows 
it’s  charging  up,  not  run¬ 
ning  down,  and  calls 
user  to  put  her  mind  at 
ease.  “Oh,  thanks  for 
calling,”  says  user,  “but 
it’s  fixed  itself  -  and  the 
Harry  Potter  symbol 
went  away.” 


OITS  JUST  LIKE  MAGIC:  You  send  me  your  true  tale 
of  IT  life  at  sharky@computerworld.com,  and  I’ll 
send  you  a  snazzy  Shark  shirt  if  I  use  it.  And  check  out  the 
daily  feed,  browse  the  Sharkives  and  sign  up  for  Shark  Tank 
home  delivery  at  computerworld.com/sharky. 
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